You are viewing limited content. For full access, please sign in.

Question

Question

Web Application, "Permission Denied" error

Updated August 13, 2014
asked on March 25, 2014

We are running a web application in IIS 6 (IIS 7 for development) using Basic Authentication.  Within this application we create a connection to the laserfiche repository using the LFConnection.Create Method.  This works fine.

 

Our application is under a new directive to NOT use basic authentication.  When enabling windows authentication and disabling basic authentication, our application will now fail to create a connection to the laserfiche repository.  The error message received is “Permission Denied”.

 

Here are some other pertinent details:

  •         App pool using network service account (production) or App Pool specific account (development)
  •         As per LFConnection.Create Method details, we are calling the create without specifying a username or password.

 

Any thoughts?

0 0

Replies

replied on March 25, 2014

It sounds like your situation requires Kerberos.  The steps outlined in the Web Access documentation should get your application to work also.

1 0
replied on August 11, 2014

I wanted to post this here. I hope you had your problem resolved, but I had a similar issue and wanted to document it here so it could be found in the future.

 

I had the problem when turning on Windows Authentication - the PCs (but not the server) were prompted for credentials by the browser.  Entering correct credentials would fail, and eventually they would get a 401 error.

 

This is with IIS7.

 

I had to change the Provider order for Windows Authentication for the web site to NTLM first.

 

(To do this, open the IIS manager, then select  "Default Web Site" in the left pane, then double-click "Authentication" in the right pane, then select "Windows Authentication" in the middle pane and click "Providers" from the right.  Move NTLM up to the top.)

 

This won't fix every WA problem, but it might help someone in the future.  You should FIRST follow the directions in the documentation - this procedure is only if that fails.  (It seems like Negotiate is the default, but doesn't work for us...)

 

Hope this helps someone.

1 0
replied on March 25, 2014

Check out Brian McKeever's answer on this post. You need to set up impersonation with the Windows API.

0 0
replied on March 25, 2014

In that situation they had the username and password on the web server.  I don't think that's the case here.

0 0
replied on August 13, 2014

Thx all.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...