BUG: Users Are Prompted for Basic Authentication When Windows Authentication Is Disabled (277362)

SYMPTOMS

When you configure your Commerce Server site to use Windows Authentication, and then set the Authentication to None, users are prompted to authenticate using Basic Authentication when they browse the Web site.

CAUSE

When you configure a Commerce Server site for Windows Authentication, the Web server security is changed to Basic Authentication for all files and directories, except the AuthFiles directory (which is set to Allow Anonymous). After you remove Windows Authentication, permissions are not restored to their previous settings.

RESOLUTION

To reset the security on a Web site after you set the Authentication Filter to No Filter, do the following:

Open the Internet Services Manager.
Click to expand <ServerName>, and then expand <Web Site>.
Right-click the directory where your Commerce site is installed, and then click Properties.
On the Directory Security tab, click Anonymous access and authentication control, and then click Edit.
To restore anonymous access to the site, click to check Anonymous access.
Click OK twice to save the changes, and then close the property sheet.
From the Start menu, click Run, and then type IISRESET.

Users should now be able to browse the site without being prompted for authentication.

MORE INFORMATION

When you configure Windows Authentication or Custom Authentication for a site, Commerce Server automatically sets the site's security to Basic Authentication (except the AuthFiles directory, which is set to Allow Anonymous). When you change the mode to No Filter, only the Commerce Admin Database is updated with the new authentication mode setting. The permissions on the site itself are not restored because there is no data of the previous permissions.

BUG: Users Are Prompted for Basic Authentication When Windows Authentication Is Disabled (277362)

SYMPTOMS

CAUSE

RESOLUTION

STATUS

MORE INFORMATION