ISA 2006 FBA kerberos constrained delegation - UploadZen: Feedback Forum - ROXORITY ™ Sensational SharePoint Solutions

Top

UploadZen 2.5

Compatibility:

User Voices

UploadZen: Feedback Forum > ISA 2006 FBA kerberos constrained delegation

I have an issue with connecting through an ISA with FBA and kerberos constrained delegation and SSL.

I tested the the setup on the local domain and all works find when accessed from one server to another however if I try to connect remotley I get an 401 error this is because your controll first tries to connect anonymously which is blocked by the ISA server.

Denied Connection
anonymous
12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator.

Which you can see from the extracted log enrtry.

How can I make your control try as a user.

Please advise.

Ian

October 8, 2009 at 1:00 |

Ian

If after double- and triple-checking that ALL the instructions and recommendations on the page linked below have in fact been implemented, that might mean that "ISA with FBA and Kerberos constrained delegation over SSL" is simply not supported.

But be sure to check at least once more the UploadZen Deployment Checklist...

October 8, 2009 at 2:18 |

ROXORITY

If you would confirm a few things with me.

On a front end Moss I have configured IIS 6 as per deployment doc.

If I contect locally to this server it works fine.

So I presume all should be working now.

When I connect through ISA If I monitor the logs when I envoke your control it tries to connect as an anonymous user and this is where the problem lies.

Please advise.

Ian

October 8, 2009 at 22:02 |

Ian

Exactly --- not UploadZen itself, but the Microsoft .NET ClickOnce infrastructure that we're using can only download the application anonymously, it simply cannot technically deal with an HTTP response other than "200 OK".

That's why you needed to configure IIS to grant anonymous access to this one virtual directory.

Now, even if you did that -- if your ISA server (or its current configuration) prevents an anonymous request from getting through to IIS, you're out of luck right now.

In the medium term, we're planning to incorporate an alternative deployment model to ClickOnce, so that you could choose between ClickOnce and ActiveX which could circumvent the problem. (Ideally we'd even love to build a third Java-based option for non-Windows clients, we've gotten enquiries about that, too.)

October 8, 2009 at 22:18 |

ROXORITY

We are a growing international software company committed to drastically improving the SharePoint experience, utility and ROI for casual and power users, administrators, site designers, content managers, business intelligence and knowledge workers.

Quick Links	Contact ROXORITY	SharePoint Solutions
News & Updates Contact Us About Us Software Licensing / How to Buy Privacy Policy Legal Notices & Trademarks Licensing Terms (EULA)	info@roxority.com +852 819-ROXOR Zürcherstrasse 161 8010 Zürich, Switzerland	FilterZenSharePoint Filtering, Re(de)fined PeopleZenUser Profiles Web Part for SharePoint UploadZenPainless SharePoint Bulk File Uploads ExportZenExport SharePoint Data to Excel/CSV PrintZenEasier Print-Friendly SharePoint Lists

You're in good company. 100000s of users at 1000s of organizations enjoy ROXORITY software, including some you might know.