AjaxUploader.dll works with Anonymous authentication, fails with Integrated Windows

Question

Administering an IIS6 host for client who is new to an Ajax Upload tool obtained from here: http://ajaxuploader.com/ http://cutesoft.net

When Integrated Windows Authentication is enabled, a single file upload works fine, multi-file upload attempts don't appear to progress (but don't log any errors, that I've found yet..?). Modifying Authentication to anonymous allows Multifile upload to work fine.

Files targeted to be uploaded to a SQL Server db. Pasted code line for line below.

Default.aspx.cs contains:

    using System;
    using System.Collections.Generic;
    using System.Web;
    using System.Web.UI;
    using System.Web.UI.WebControls;

    public partial class _Default : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
          ltOutput.Text = "";
        }

        protected void FileUploaded(object sender, UploaderEventArgs e)
        {
          ltOutput.Text += "File upload complete: <a href=\"download" 
          + .aspx?guid=" + e.FileGuid.ToString() + "\">" + e.FileName 
          + "</a>, File Size: " + e.FileSize + ", FileGUID: " 
          + e.FileGuid.ToString() + "</a><br/>";        
        }
    }

Answer 1

I'd bet that this is because they're using a Flash component for the multi file upload. The single upload uses the browser session so it stays authenticated, but the multi upload uses Flash which connects to the server in a different session, hence the authentication issues. Flash doesn't handle windows auth properly.

You've got a couple choices, neither of which are fun:

• Make your file upload handler available anonymously or with forms auth
• Only use the single file upload