Microsoft KB Archive/924375

= You are repeatedly prompted for credentials when you use SecurID authentication to access a document or program that is published by ISA Server 2006 =

Article ID: 924375

Article Last Modified on 12/13/2006

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
 * Microsoft Internet Security and Acceleration Server 2006 Standard Edition
 * Microsoft Internet Explorer 6.0

-



SYMPTOMS
Consider the following scenario. In Microsoft Internet Explorer, you click a link to download a document or a program. For example, you click a link to download a file from a Microsoft SharePoint Portal site. When you are prompted for credentials, you type valid credentials on the SecurID logon form that appears. You are eventually informed that your credentials have been authenticated.

You are then automatically redirected to the download site. Internet Explorer blocks the redirection, and then options are displayed on the Internet Explorer information bar. However, when you click the Download file option, Internet Explorer unexpectedly reloads the logon form. Additionally, you receive an error message that states that you have entered an invalid SecurID password.



CAUSE
This issue occurs if the following conditions are true:
 * The download site that you try to access is published by a Microsoft Internet Security and Acceleration (ISA) Server computer. For example, you try to access a Microsoft SharePoint Portal site that is published by an ISA Server computer.
 * The Single Sign On (SSO) feature is disabled for the published Web site.
 * SecurID credentials are required for authentication.
 * You use Internet Explorer to access the download site.

The authentication attempt is unsuccessful because the browser resends a POST request together with a one-time password when you click Download File on the Internet Explorer information bar. But because the one-time password was already authenticated when you entered the credentials on the SecurID logon form, this password cannot be used again. Therefore, the logon attempt is unsuccessful.



WORKAROUND
To work around this issue, add the URL of the published Web site to the trusted sites list in Internet Explorer. To do this, follow these steps:
 * 1) On the Internet Explorer Tools menu, click Internet Options.
 * 2) Click the Security tab, click Trusted sites, and then click Sites.
 * 3) In the Trusted sites dialog box, type the URL of the published Web site in the Add this Web site to the Zone box. Click Add, and then click OK two times.

Keywords: kbexpertiseinter kbexpertiseadvanced kbtshoot KB924375

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.