David
Tue Aug 12 18:01:47 CDT 2003
I am doubtful the current behavior will ever change (I tried -- I think it's
a broken perf optimization). Per the KB, there is a client-side setting for
this behavior -- so this is a client-side behavior that is unavoidable by
the server..
--
//David
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Neil Weller" <google@timewave.co.uk> wrote in message
news:434bb797.0308120522.a8b2a29@posting.google.com...
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:<#mJ$qAKYDHA.1900@TK2MSFTNGP10.phx.gbl>...
> This is the KB
>
http://support.microsoft.com/default.aspx?scid=kb;en-us;251404
>
> There's no server-side solution to this and no way around it. Basically,
IE
> is "caching" the fact that it thinks a website is authenticated, hence it
> sends a zero byte POST (it assumes that a 401 will come back due to
> authentication, which it will re-negotiate and send the POST entity body
> later at that time). However, when you make IE POST to an anonymous vdir,
> the 401 doesn't come back (anonymous doesn't have authentication), so the
> web page gets the zero byte POST and IE doesn't get a chance to send the
> real POST entity body.
>
> I recommend that you use uniform authentication, split things into two
> different sites, or have all of the pages which use POST use the same
> authentication (Integrated).
>
David,
Thanks for the info. Is this something that is considered a bug or is
it classed as acceptable behaviour by MS? It seems to go back quite a
way.
I cannot use different authentication as I need to get the username
for one aspect of the site and for another I need to run as a known
user (We are using CDO to get at exchange) and the customer does not
want to have to log in.
I will try setting up a different sites rather than vdirs, that
shouldn't be a problem for them. I would be interested to know if
this is on a fix list somewhere...
Thanks again,
Neil