IE8 displays page cannot be displayed...

I am writing a WEB Service that is using Negotiate protocol with the MS api 
AcceptSecurityContext. If the browser is not logged into the domain but a 
group and tries to access the service the browser will respond with a 
WWW-Negotiate header passing a token to the service. However the browser will 
return a Page Cannot be displayed if the output of the AcceptSecurityContext 
returned a SEC_I_CONTINUE_NEEDED and the output buffer is sent back. I would 
have expected the browser to prompt for credentials or make a new request and 
choose another option when the cycle repeats. If this is the desired 
operation of the browser should I not return the output from the 
SEC_I_CONTINUE_NEEDED and resend the 401 without the Negotiate as an option ? 
By the way if I do a good NTLM the kerboros will succeed when tried again.

Just looking for the correct approach.

Thanks,
-- 
Timothy Jewett
Jewettware@online.nospam
1
Utf
5/21/2010 1:18:01 PM
internetexplorer.general 1684 articles. 0 followers. Follow

1 Replies
1885 Views

Similar Articles

[PageSpeed] 2

Developer-specific resources include:

MSDN IE Development Forum (post such questions here instead)
http://social.msdn.microsoft.com/Forums/en-US/iewebdevelopment/threads

Tip: When posting in Developer forums, always include a link to your web 
site or test pages in your first post.

IE Developer Center
http://msdn.microsoft.com/en-us/ie/default.aspx

Learn IE8
http://msdn.microsoft.com/en-us/ie/aa740473.aspx


Timothy Jewett wrote:
> I am writing a WEB Service that is using Negotiate protocol with the MS 
> api
> AcceptSecurityContext. If the browser is not logged into the domain but a
> group and tries to access the service the browser will respond with a
> WWW-Negotiate header passing a token to the service. However the browser
> will return a Page Cannot be displayed if the output of the
> AcceptSecurityContext returned a SEC_I_CONTINUE_NEEDED and the output
> buffer is sent back. I would have expected the browser to prompt for
> credentials or make a new request and choose another option when the cycle
> repeats. If this is the desired operation of the browser should I not
> return the output from the SEC_I_CONTINUE_NEEDED and resend the 401 
> without
> the Negotiate as an option ? By the way if I do a good NTLM the kerboros
> will succeed when tried again.
>
> Just looking for the correct approach.
>
> Thanks, 

0
PA
5/21/2010 5:06:21 PM
Reply:

Similar Artilces: