P&M Fails to Redirect to Custom Forms Login Pages on Network Shares (261230)

SYMPTOMS

When the custom forms login page is contained on a network share, Personalization and Membership (P&M) may redirect clients to the default forms login page (Formslogin.asp) in the _mem_bin virtual directory, instead of a custom forms login page.

CAUSE

The P&M authentication filter (Authfltr.dll) fails to send a redirect to the custom forms login page, because it is using the wrong credentials when it attempts to verify the existence of the custom forms login page on the network share. The Authfltr.dll file sends a redirect to the default forms login page when the network share access attempt returns an "Access Denied" error message, because it determines a custom page is not available.

The credentials problem occurs because Internet Information Server (IIS) reverts the request thread token from the network share account to the system account before notifying authentication filters. This behavior is actually correct, because filters should not be forced to run under a context other than the system account.

WORKAROUND

To work around this issue, do the following:

Create a local directory for each site that contains the custom forms login page.
Place all other content on the network share.
Use local directories for all content.

RESOLUTION

To resolve this problem, obtain the latest service pack for Site Server version 3.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

219292 How to Obtain the Latest Site Server 3.0 Service Pack

MORE INFORMATION

The Authfltr.dll file has been modified to check for network credentials that are specific to the virtual directory in the IIS metabase, and to use those credentials when it verifies the existence of a custom forms login page.