|This FAQ applies to a common issue that is often seen with versions of SE prior to 5.0 (i.e. SE 3.x, SE 4.x), and then only when IIS is used as the webserver.
NOTE: If you are using SE 5.x or newer, you won't likely run into this problem at all, and won't likely need to perform the steps given in this FAQ, since those versions of SE use form-based authentication rather than BASIC authentication for password protecting access to the SE admin UI.
First make sure Basic Authentication is enabled as described in Chapter 2 of the ServletExec Installation Guide.
If the username/password dialog box at the browser mentions ServletExec then it is ServletExec that doesn't like the username/password. Otherwise it is Windows NT that doesn't like the username/password. In the latter case make sure the username/password you specified is a valid Windows NT user in the local domain.
If you need to specify a user in a network domain then configure IIS basic authentication to use that network domain instead of the local domain. This can be done by going to the "Authentication Methods" dialog as described in Chapter 2 of the ServletExec Installation Guide and then selecting Edit.
If you have made certain that your website has Basic Authentication enabled (as shown in fig. 6 of Chp.2 of the ServletExec 4.1 Installation Guide), and yet the authentication dialog that is popping up in Internet Explorer browser has a 3rd field labeled "Domain" and does not have the word "ServletExec" anywhere on it,
then you need to disable (uncheck) one of the check boxes shown in that figure.
The checkbox that you must uncheck is called:
- NT Challenge Response (for Windows NT)
- Integrated Windows Authentication - IWA (for Windows 2000 and above)
This setting is also sometimes referred to as NTLM
Then close all IE browser windows, get a fresh browser window and try to hit http://<servername>/servlet/admin again.
This time the pop-up authentication dialog should only have 2 text areas: one for username, and one for password.
And it should have the words "Realm: ServletExec Admin" somewhere on it. Then it should accept your username and password.
The "Authentication Methods" dialog box for IIS exists at a few different levels...
If you do not want NTLM Authentication to be disabled at the global or website level then you may choose to Enable it at either of those levels and then access the "Authentication Methods" dialog box for the
- The Global/Master level, to set Authentication methods for all websites
- The website level, to set them differently for each individual IIS website
- The DLL level, to set them differently for each individual ISAPI filter
ServletExec_Adapter.dll file itself, and turn off NTLM at that level. This would be done by viewing the contents of the Virtual folder named "Scripts" (done in IIS not on the hard-drive) and opening the properties dialog of the
ServletExec_Adapter.dll file shown there in the IIS Management console. See FAQ #180 for a few more details.
FAQ #1 may also be of interest.
FAQ #378 may also be of interest.