2

My website is working with some ISP while it is not working with others. Also not working from other countries. The app is hosted at our company. Developed using sharepoint asp.net.

The app works at my home. But if I visit the website at my brother's home who is registered to different ISP, the website opens and a login dialog appears. When entering correct username and password then submit , textboxs cleared and dialog come again.

The problem is happening with many visitors. I just want to know what would be the problem! Does anyone faced such problem before?

I checked all IIS restrictions. There is no restrictions made.

I created a new app using sharepoint with login page and it works great.

somebody said that users with public ip can access the site while others with dhcp cannot. Can somebody explain that !

Mohammad Hammadi
  • 733
  • 2
  • 11
  • 34
  • Hypothesis #1: they can be resolving to different servers. Try running `host lms.pu.edu.lb` both from your machine and your brothers and posting the results here. – Ivan Oct 25 '16 at 14:20
  • Hypothesis #2: you can have the password cached. Try opening the site in incognito window and another browser and see if that can be still be open on your machine. – Ivan Oct 25 '16 at 14:21
  • Hypothesis #3: `.htaccess` file for that server requests logins from certain IP's. Do you have access to the server administration? – Ivan Oct 25 '16 at 14:22
  • I tried the below on both places(Home and brother) and I get the same result. >host lms.pu.edu.lb 'host' is not recognized as an internal or external command, operable program or batch file. >ping lms.pu.edu.lb Pinging lms.pu.edu.lb [212.98.140.155] with 32 bytes of data: Reply from 212.98.140.155: bytes=32 time=23ms TTL=108 Ping statistics for 212.98.140.155: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), – Mohammad Hammadi Oct 25 '16 at 15:21
  • I also have the password prompt so in the same situation as your brother. Let's try testing #3 then – Ivan Oct 25 '16 at 15:58
  • The app is developed using asp.net. so I think there is no htaccess file. All configuration are written in web.config file. I have access to server. But now im home. Tomorrow I will be there. What should I search for? – Mohammad Hammadi Oct 25 '16 at 17:47
  • Try following steps from this article and see if there are any restrictions configured https://support.microsoft.com/en-us/kb/324066 (without actually adding new ones) – Ivan Oct 25 '16 at 17:51
  • Ivan, There are no restrictions. This is the code for security in web.config: `code` `code` – Mohammad Hammadi Oct 26 '16 at 07:46

2 Answers2

0

This should be a comment, but I do not have enough to post it as such.

Are sure that it is not a browser issue? Is the login dialog from SharePoint, your app or the browser itself? If it is from your app, can you debug it or write the log-in attempts in a log?

djvuk
  • 370
  • 3
  • 15
  • The login dialog is from the app. Since sharepoint project structure is not clear, I cant find the class which handle the login form. The app is created by company, not developed by me. – Mohammad Hammadi Oct 26 '16 at 11:57
  • Maybe the authentication is not properly configured on your IIS. Check this thread: [link](http://stackoverflow.com/questions/5402381/receiving-login-prompt-using-integrated-windows-authentication) – djvuk Oct 26 '16 at 12:19
  • It is not direct related to the IIS, It is more like the arp, rarp and dns configuration of the host. I had same issue, i was able to resolve but im not skilled enough to explain. Try to look further on dns. – Anderson Oki Oct 28 '16 at 22:38
0

Some ISPs have transparent proxies in use. And some of them are accidentally (or even intentionally) broken and cache more, than they should. You can check whether that's the problem:

Set up your server to also allow https and then use that. You should move to https for privacy reasons anyways, so just do it now ;) This way, the proxy can't do anything but to pass the data between client and server unmodified.

If that is not an option: Use tcpdump/wireshark/other-sniffer on both - client and server - at the same time and compare the logs. Did the second access even make it to the server?

Do you have a laptop/tablet/smartphone with which you can access the web server? Try moving that laptop from one location to the other and check, whether it works with that one laptop using one ISP and fails with the same laptop on the other ISP.

Bodo Thiesen
  • 2,476
  • 18
  • 32
  • Bodo. I will allow https today and I will try if it is gonna solve the problem. Does allowing https needs time? Like 2 days ? – Mohammad Hammadi Nov 01 '16 at 06:31
  • no, you will have to configure your web server to allow https connections and then it should work instantly (of course, without certificates, you're gonna get warnings like "cant verify certificate" and so on, but that doesn't mean it won't work, it just means, you're being annoyed). – Bodo Thiesen Nov 01 '16 at 21:27
  • Thanks Bodo, allowing https connections solved the problem. – Mohammad Hammadi Nov 02 '16 at 06:57