AOL browser problem

G

Genmar

I've got a customer, that has a subscription service that requires a user ID
and password to logon. Everything works just great with all his customers
except those who use AOL. They get an error saying they're not authorized
to view the site. If they minimize their AOL browser and open their
Internet Explorer everything works just fine. Any ideas?? I've got Windows
2000 Enhanced Server and FP 2002 Extensions running on the machine.
 
S

Stefan B Rusynko

What technology are you using for authentication
- or provide a URL of the log in page




| I've got a customer, that has a subscription service that requires a user ID
| and password to logon. Everything works just great with all his customers
| except those who use AOL. They get an error saying they're not authorized
| to view the site. If they minimize their AOL browser and open their
| Internet Explorer everything works just fine. Any ideas?? I've got Windows
| 2000 Enhanced Server and FP 2002 Extensions running on the machine.
|
|
 
J

JL Amerson

Yes - tell them to use IE. I have the same problem with a site I maintain.
One of the pages is password protected because it contains a link to our
newsletter. Since the newsletter has the home addresses and phone numbers of
the region officers (myself included), I wanted a more secure site.

For whatever reason the AOL browser (and Netscape too) will not allow the
members to view the page. My host couldn't help me, I tried several
suggestions from this group (this problem was the reason I first visited),
none of my more comouter-savvy friends could help. The easiest thing to do
was to notify the members that they have to use Internet Explorer. Sometimes
it's easier to switch than fight.

I'd love to hear other suggestions if anyone can think of some.
 
J

Jim Cheshire

One thing I can think of is that your host secures the site using NTLM
authentication (Windows Integrated authentication.) In order to pass the
NTLM token on a browser connection, your browser must support passing NTLM
authentication. Only Internet Explorer does.

The solution would be to have your host turn off Windows Integrated and turn
on Basic.

--
Jim Cheshire
Jimco Add-ins
http://www.jimcoaddins.com
===================================
Co-author of Special Edition
Using Microsoft FrontPage 2003
Order it today!
http://sefp2003.frontpagelink.com
 
G

Genmar

You were right Jim, that did it. I have my own www server so I was able to
go in and make the change myself. I filed the fix away in my trouble book.

Thanks a ton,
Gene Luker - (e-mail address removed)
http://www.genmar.net
 
T

Thomas A. Rowe

Note: Basic is less secure, as login info is sent in the clear.

--

==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, Forums, WebCircle,
MS KB Quick Links, etc.
==============================================
 
J

JL Amerson

Oh. Well, maybe I won't call my host. More secure is a good thing and I only
have a small number of people who can't access the file regardless of what
theytry. (In their case I email them the file.)
 
J

Jim Cheshire

It's actually (if memory serves) base 64 encoded. It's worth mentioning
that Windows Integrated Authentication was not designed for the Internet and
should not be used on an Internet site for just the reason that prompted
this post. Basic is the authentication method that should be used. If you
need encryption, use SSL.

--
Jim Cheshire
Jimco Add-ins
http://www.jimcoaddins.com
===================================
Co-author of Special Edition
Using Microsoft FrontPage 2003
Order it today!
http://sefp2003.frontpagelink.com
 
T

Thomas A. Rowe

However it is used when accessing a Windows web host for access via FP, so
in general if you also have the ability to set or the host sets unique users
or file permissions, the host is not going to run both by default,
especially if one is more secure than the other.

--

==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, Forums, WebCircle,
MS KB Quick Links, etc.
==============================================
 
J

Jim Cheshire

Tom,

What a host does and what is best are often two entirely different things.
NTLM authentication is not meant to be used on the Internet for one simple
reason; it is designed to fail when credentials are delegated. In other
words, if you log in to a Web site in FrontPage, but you are working through
an authenticating proxy (a VERY common scenario on the Internet), NTLM
authentication is designed to fail.

How many times do you see posts that are explained by this in the group?
How many times do you read posts that say, "I can't log in. I know the
username and password is right. My host says it's not their problem because
they can log in fine." I see it frequently.

--
Jim Cheshire
Jimco Add-ins
http://www.jimcoaddins.com
===================================
Co-author of Special Edition
Using Microsoft FrontPage 2003
Order it today!
http://sefp2003.frontpagelink.com
 
T

Thomas A. Rowe

Jim,

I will agree that it is a common issue, but we are talking about two
different types of access, at least in my mind.

1. Web site access by site visitors. I would never handle this via the OS,
unless it was basic.

2. Authoring, where you actually have an account on the server and may have
access to add users, etc.

--

==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, Forums, WebCircle,
MS KB Quick Links, etc.
==============================================
 
J

Jim Cheshire

However, in both scenarios, if credentials are delegated, login will fail.
The solution (if you want to make sure that credentials are encrypted) is
Basic and SSL. That's by far the best method because it will work for
everyone.

--
Jim Cheshire
Jimco Add-ins
http://www.jimcoaddins.com
===================================
Co-author of Special Edition
Using Microsoft FrontPage 2003
Order it today!
http://sefp2003.frontpagelink.com
 
J

Jimmy

However, in both scenarios, if credentials are delegated, login will fail.
The solution (if you want to make sure that credentials are encrypted) is
Basic and SSL. That's by far the best method because it will work for
everyone.
Click to expand...

Exactly. NTLM is Microsoft BS. It's designed only for promotion
of the MS strategy I politely refer to as "Corporato Homogenium".

If you need security, use SSL and basic. NTLM should not be used
except in small, MS only, corporate environments where software
use can be dictated to the disciples.
 
J

Jim Cheshire

Jimmy,

You are a bit misled here. NTLM (and Kerberos) are excellent authentication
methods in a corporate environment. As a matter of fact, in most corporate
environments (and I'm including major, large corporations), they absolutely
refuse to use anything other than Windows authentication because it provides
a secure method of communication.

A little education goes a long way! :)

--
Jim Cheshire
Jimco Add-ins
http://www.jimcoaddins.com
===================================
Co-author of Special Edition
Using Microsoft FrontPage 2003
Order it today!
http://sefp2003.frontpagelink.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Start a mail merge upon opening the document 1
MSN and AOL browser problem 1
FP 2003 + AOL Hometown 4
Forcing browser to clear cache... 4
Why won't my site show updates? 1
AOL Outlook 2003 not sending 2
Locate link browser problem 0
How do I add Netscape Navigator to my browser list? 2

Top