Using Challenge Response Authentication on a Web Site that Incorporates Framesets (297210)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Server 5.0
- Microsoft Internet Information Services version 6.0
This article was previously published under Q297210

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

SYMPTOMS

When you use frameset pages on a site that uses NT Challenge Response as the only authentication method, 401 errors may appear in the IIS logs during the user's session. The user can successfully access the file shortly after the errors occur, and may experience slight delays in accessing some files.

CAUSE

When Microsoft Internet Explorer attempts to open a page that is divided into multiple frames, it requests the different frame pages simultaneously on separate ports. IIS sees these as separate requests because they are coming in on separate ports, and requires each request to be authenticated individually.

MORE INFORMATION

This is by design for security reasons. Allowing the subsequent sockets to be opened without requiring authentication first leaves the server open to attack.
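
A log-triage sketch for the symptom described above, added here as an example (it is not code from Microsoft or from the original article): it separates 401 entries that are followed by a 200 for the same client and URL within a short window, which is the pattern the article describes, from 401 entries that never resolve. The field list, the 5-second window, the function names and the sample log lines are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample in IIS W3C extended log format (not from a real server).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2005-06-23 10:00:01 192.0.2.10 - GET /frames/index.htm 401
2005-06-23 10:00:01 192.0.2.10 - GET /frames/menu.htm 401
2005-06-23 10:00:01 192.0.2.10 - GET /frames/body.htm 401
2005-06-23 10:00:02 192.0.2.10 EXAMPLE\\alice GET /frames/menu.htm 200
2005-06-23 10:00:02 192.0.2.10 EXAMPLE\\alice GET /frames/body.htm 200
2005-06-23 10:00:02 192.0.2.10 EXAMPLE\\alice GET /frames/index.htm 200
2005-06-23 10:05:00 192.0.2.99 - GET /frames/index.htm 401
2005-06-23 10:05:03 192.0.2.99 - GET /frames/index.htm 401
"""

def parse(text):
    """Parse W3C extended log text, using the #Fields directive for column names."""
    fields, rows = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            row = dict(zip(fields, line.split()))
            row["ts"] = datetime.strptime(
                row["date"] + " " + row["time"], "%Y-%m-%d %H:%M:%S")
            row["status"] = int(row["sc-status"])
            rows.append(row)
    return rows

def classify_401s(rows, window=timedelta(seconds=5)):
    """Split 401 entries into (handshake noise, unresolved failures)."""
    handshake, unresolved = [], []
    for i, r in enumerate(rows):
        if r["status"] != 401:
            continue
        # Benign pattern: same client gets a 200 for the same URL shortly after.
        followed = any(
            s["status"] == 200 and s["c-ip"] == r["c-ip"]
            and s["cs-uri-stem"] == r["cs-uri-stem"]
            and timedelta(0) <= s["ts"] - r["ts"] <= window
            for s in rows[i + 1:]
        )
        (handshake if followed else unresolved).append(r)
    return handshake, unresolved

if __name__ == "__main__":
    handshake, unresolved = classify_401s(parse(SAMPLE_LOG))
    print("handshake 401s:", len(handshake))
    print("unresolved 401s:", [(r["c-ip"], r["time"]) for r in unresolved])
```

Unresolved 401s are the ones worth reviewing; 401s that resolve within the window match the per-connection authentication the article attributes to frameset loads.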
Modification Type: Minor
Last Reviewed: 6/23/2005
Keywords: kbpending kbprb KB297210