AuthPersistence

  • Article

The AuthPersistence property specifies authentication persistence across requests on a connection using NTLM authentication.

**[IIS 6.0]**When the AuthPersistSingleRequest flag is set to true when using NTLM authentication, IIS 6.0 automatically reauthenticates every request, even those on the same connection. (Reauthenticating every request also occurs on all other authentication schemes.)

**[IIS 5.0][IIS 5.1]**On IIS 5.0 and IIS 5.1, there are two other flags for the AuthPersistence property specifying persistence based on the existence of a proxy server.

Schema Attributes

Attribute Name

Value

ADSI/WMI Data Type

DWORD

ABO Data Type

DWORD_METADATA

Schema Default

AuthPersistSingleRequest

Internal Default

Not specified.

Upper Bound

0

Lower Bound

Not specified

Internal ID

6031

Friendly ID

MD_AUTHORIZATION_PERSISTENCE

Property Attributes

INHERIT

User Type

IIS_MD_UT_FILE

Configurable Locations

You can configure this property at the following locations in the IIS metabase.

Metabase Path

IIS Admin Object Type

/LM/W3SVC

IIsWebService

/LM/W3SVC/n

IIsWebServer

/LM/W3SVC/n/ROOT/file_name

/LM/W3SVC/n/ROOT/virtual_directory_name/file_name

IIsWebFile

/LM/W3SVC/n/ROOT/physical_directory_name

/LM/W3SVC/n/virtual_directory_name/physical_directory_name

IIsWebDirectory

/LM/W3SVC/n/ROOT

/LM/W3SVC/n/ROOT/virtual_directory_name

IIsWebVirtualDir

Flags

Flag Name

AuthPersistSingleRequest

Versions Applicable

[IIS 5.0][IIS 5.1][IIS 6.0]

Description

Setting this flag to true specifies that authentication persists only for a single request on a connection. IIS resets the authentication at the end of each request, and forces re-authentication on the next request of the session.

Bitmask

64 (hex 0x00000040)

Friendly Bitmask ID

MD_AUTH_SINGLEREQUEST

Internal ID

6283

Flag Name

AuthPersistSingleRequestAlwaysIfProxy

Versions Applicable

[IIS 5.0][IIS 5.1]

Description

Setting this flag to true specifies that authentication is valid for a single request if by proxy. IIS will reset the authentication at the end of the request and force re-authentication on the next request if the current authenticated request is by proxy of any type.

Bitmask

256 (hex 0x00000100)

Friendly Bitmask ID

MD_AUTH_SINGLEREQUESTALWAYSIFPROXY

Internal ID

6285

Flag Name

AuthPersistSingleRequestIfProxy

Versions Applicable

[IIS 5.0][IIS 5.1]

Description

Setting this flag to true specifies authentication will persist only across single requests on a connection if the connection is by proxy. IIS will reset the authentication at the end of the request if the current authenticated request is by proxy and it is not the special case where IIS is running MSPROXY.

Bitmask

128 (hex 0x00000080)

Friendly Bitmask ID

MD_AUTH_SINGLEREQUESTIFPROXY

Internal ID

6284

Requirements

Client: Requires or Windows XP Professional.

Server: Requires or Windows Server 2003.

Product: IIS

See Also