MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Continuous authentication pop ups

  Asked By: Zane    Date: Dec 18    Category: MOSS    Views: 4849

I have just installed MOSS on one of my servers. After installation
when it gave me the "Central Administration" page, it asked me the
credentials. I entered the credentials for n number of times and then
I was able to view the page without any issues. Now when I try to move
to some other page in central administration, it again asks me the
provide credentials for n number of times, after filling which, I can
view the page.

Please let me know as to how can I avoid these authentication pop ups.



2 Answers Found

Answer #1    Answered By: Ariana Christensen     Answered On: Dec 18

Use NTLM/Kerberos authentication  and add the site to either the "Trusted
Sites" or "Intranet" zone in IE. If you are running IE7, you'll also
need to enable automatic credential sending for the Trusted Sites zone.
If this is already how things are setup, there is something amiss with
your configuration. Getting 3 auth prompts followed by the page  loading
is typically a symptom of one minor element of the page have different
permissions than the rest.

Answer #2    Answered By: Darrius Whitfield     Answered On: Dec 18

We just this week solved a problem with the same symptoms on our servers.
Hopefully what we learned will be useful to you.

We started out by using the toolbar "ieHTTPHeaders" for Internet Explorer,
or "LiveHTTPHeaders" for FireFox. These tools show the actual headers being
sent for request and response -- very informative! We wanted to see the
exact request (out of the 30 or 40 requests for images, CSS, Javascript,
etc. which make up a page) that was causing the authentication  prompts.

In our case the bogus authentication prompts were associated with URL's of
the form:


And NOT with URL's of the form


Only some web parts and themes use the first form for graphics, so only
those graphics caused the multiple unsatisfyable login prompts. For
example, an attachment to an announcement caused the Announcements web part
to call "attach.gif" (the little paper clip) with a URL of the first form.

We then used IIS Manager on the web front-end and looked at the Directory
Security > Authentication Methods panel for the Web app and for the virtual
directories under it. It turned out that the permissions for the virtual
directory "_layouts/images" were set to "Integrated Windows Authentication",
while the web app as a whole was "Basic Authentication".

We resolved the issue by _adding_ Basic to the authentication methods for
"_layouts/images" using IIS Manager; IWA will failover to Basic when both
are specified. Changing the "IIS Authentication methods" selection on the
SharePoint Central Administration site was not helpful, because it didn't
propogate down to "_layouts/images". We're not sure just why. Since the
goal is to have the _same_ authentication methods available at all levels in
the SharePoint web app, we went back and also added IWA to the upper levels.
This turned out to have SSO-type benefits for Windows/IE users on the local

After changing the authentication methods in IIS Manager, you need to stop
and start the web application (also in IIS Manager) for them to take effect,
but you don't need an IIS reset in my experience.

Note that the solution suggested by Bryan below works only for Windows/IE
clients, and only when they are on the company LAN (that is, they share a
"local" domain controller with the server in question).

Didn't find what you were looking for? Find more on Continuous authentication pop ups Or get search suggestion and latest updates.