Can't access IIS 7 server URL from the same IIS 7 server

Question

We have an intranet site ie, xxx.yyyy.com, that users access by entering "http"://xxx.yyy.com.

Our problems started when we migrated to IIS 7 running on a new 2003 server. We got rid of our single-sign on code and implemented a security model where we capture a user's domain credentials which we then authenticate against a DB.

In order to get the domain credentials passed to our ASP.NET app, we have the following settings:

Anonymous Authentication:Disabled ASP.NET Impersonation: Enabled Basic/Digest/Forms Authentication: Disabled Windows Authentication: Enabled

We allow "*" and deny "?" in the web.config.

Browsing "http"://xxx.yyy.com from any client PC results in a domain login prompt, and if your enter a proper user/pwd, you can get in.

However, browsing "http"://xxx.yyy.com while remoting into the server results in 3 domain login prompts and eventually a 401 error - unauthorized.

We have traced this behavior to problems with our web site where we have pages doing "screen scraping" using the HttpRequest calling a url on the same server.

When doing a HttpRequest from any other client, using a test harness that passes authorized credentials, all is good. So internal HttpRequest calls on the server fail, just like attempts to browse that server's url from within a remote session.

Why would a to "http"://xxx.yyy.com on server xxx.yyy.com fail authentication?

Answer 1

See this Microsoft support article:

Users experience authentication issues when they access a Web page in IIS 6.0 or query Microsoft SQL Server 2000 after you install Windows Server 2003 Service Pack 1

Symptoms:

You upgrade a Microsoft Windows Server 2003-based computer that is running Microsoft Internet Information Services (IIS) 6.0 or Microsoft SQL Server 2000 to Windows Server 2003 Service Pack 1 (SP1).

After you do this, users experience authentication issues when they use Web applications or when they use a program that queries the database. For example, a user may experience symptoms that are similar to one of the following:

• The user receives an "Access denied" error message when the user tries to access a Web page that retrieves data from a back-end database.

• The user cannot connect to another database server that is located in a Network Load Balancing (NLB) cluster. Queries to the database server fail. The symptoms that users experience may vary depending on your particular environment.