At 13:21 13/04/99 , Karl & Mel wrote:
From: Martijn Pieters <mj@antraciet.nl> Not sure what the problem really was. :-( but it started working after I mucked with the security settings in IIS and ie5. So am happy now. I was able to finish work on the Copy/Move functionality for Confera :-) Still got some work to do on it but IT WORKS! enough... thats for the other list. As near as I can figure I think it is the ie5 "nice" error pages or the intranet secuity settings that prevented the authentication. Maybe its time to give up ie for NS or Grail ;-)
Hmm.. I got it working for a moment as well, by switching off anonymous access, and switching on Basic Authentication (therefore always getting access denied). The browser now allowed me to type in my Zope username and password. IIS now denies me access (because the username and password are not know to it). Then switching Anonymous access back on, and Basic Authentication back off, I log into the Zope management screens. However, shutting down your browser undoes all your work. Back to the old conclusion that IE5.0 'forgets' to ask for your username and password, because the HTTP status code is 401.5, which it doesn't recognize. I have now found a permanent solution though: Further playing showed that the message in your browser is a file returned by IIS. With IIS you can specify custom error HTML files. Out of the box, 401.5 is set up to return %SystemRoot%/help/common/401-5.htm. When you set IIS up to serve it's 'default' (i.e. no file), everything suddenly works! I have managed to trace the exact reason to this fundamental difference. When IIS encounters the 401 return from Zope, it will return the file specified by it's custom error tab instead. When returning this file, IIS doesn't specify a Www-Authenticate header anymore. IE5.0 *correctly* doesn't ask for a username and password. I can only conclude that it is a IIS 4.0 bug. It should just return all the headers Zope generated, with the body replaced by the contents of the file. When you set the custom error handling to 'default', IIS doesn't interfere with the headers returned by Zope, and the Www-Authenticate header isn't killed. To switch off the custom error handler, go to the properties dialog box of your IIS web. Choose the 'Custom Errors' tab. Select '401;5' in the HTTP Error column, and click on 'Edit Properties...'. Set the Message-Type to 'Default', and click OK twice. Now everything should work. This imformation should probably be in doc/WEBSERVER.txt. I'll submit this to the collector. -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | Tel: +31-35-6254545 Fax: +31-35-6254555 | mailto:mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ------------------------------------------