I've installed IIS on a Windows 2016 server, and I'm configuring some websites that I'm migrating from a Windows 2008 server. The websites require Windows authentication. One of the sites is a service provider, with an .asmx file that responds to a particular service request with an XML document. The other site, a conventional ASP.NET website, sends the first site a request and uses the returned XML file as data for populating the banner of its own pages.
I can access both sites directly from my client computer. The latter site returns its usual display, except that the banner is missing. However, I can send the former site a request directly from my desktop browser and it sends the expected XML response.
I deduce, therefore, that something is blocking the request that the latter site is sending to the former site on the same server, or preventing the former site from processing the request.
To troubleshoot, I remoted into the server and tried sending requests to both sites, in Chrome--and both sites failed to authenticate me after I entered my user name and password. It's the same domain user name and password I used when prompted while browsing from my desktop, the same ones I used to authenticate for the remote desktop connection, and, of course, the same one I'm logged in as on the remote server when it lets me open and edit the websites' underlying files directly.
Since neither site will authenticate me when I'm sending my requests from within the server, that certainly explains why the request from the latter site to the former site is failing. But why isn't authentication succeeding? Any ideas?
