A change has been made to the way Windows Integrated Authentication works with Asset Bank.
A change has been made to Asset Bank to resolve an issue experienced with the Flash Asset Uploader when IIS Single Sign On is enabled. The resolution requires some changes to the IIS configuration, where 'Integrated Windows Authentication' is enabled. Before you change your configuration as explained below ensure that you have Asset Bank version 3.1127 or above.
- In the IIS management console, select properties on the Default Web Site. On the Directory Security tab, click Edit by ‘Authentication and access control’. BOTH the following boxes should be checked: 'Integrated Windows Authentication' and 'Enable Anonymous Access'. Make a note of the username for 'Account used for anonymous access'.
- When following the webserver integration instructions, you will have installed a file called 'isapi_redirect.dll'. You should ensure that the Security permissions are set so that the 'Account used for anonymous access' has read permission, as well as authenticated windows users who access Asset Bank using Integrated Windows Authentication.
- Restart IIS. You should now find that the Flash uploader can be used without error.
NOTE: If you previously allowed non-windows users to access Asset Bank using local Asset Bank accounts, then these users may need to change the way they access Asset Bank. This is because Asset Bank may now give an 'Unauthorised' response if a non-windows user tries to access Asset Bank URLs other than the login page, which results in popup dialogs in the browser. See IIS single sign on (SSO) - supporting non-LDAP users for how to best fix this.
Comments
0 comments
Please sign in to leave a comment.