We have a web page that is configured for Integrated Windows Authentication under ISS. When I access this page via its HostName (e.g. http://MyHost/mypage.htm) it works. When I access this page via the IP address of the host (e.g. instead of MyHost, use MyHost's IP address in the URL), I'm prompted for a username & password. Can anyone explain why this is happening?
views:
537answers:
3You're probably accessing different "web sites" that are hosted from your IIS, goto properties of the site where the ip configuration is and goto advanced, you'll see stuff like "Host Header Name" and its probably only serving up requests to that hostname.
My guess is that you have the domain name in your trusted sites and not the ip address. (Or at least they are in different security zones.) There is an IE setting that will cause Windows Auth sites to prompt everytime vs. auto logging you using your current windows credentials.
If the computer name portion of the requested URL contains periods (such as http://www.microsoft.com and http://10.0.0.1), Internet Explorer assumes that the requested address exists on the Internet and does not pass any credentials automatically.
Addresses without periods (such as http://webserver) are considered to be on the intranet (local); Internet Explorer passes credentials automatically. The only exception is addresses included in the Intranet zone in Internet Explorer.