Closed roadling closed 5 years ago
Not necessarily bad. Could be IIS configuration based on the type of authentication. Here is an older article explaining some use of 401 challenge/response: https://support.microsoft.com/en-us/help/264921/how-iis-authenticates-browser-clients
Does the 401 response have a WWW-Authenticate header? This allows the client to start an authentication handshake.
https://blogs.technet.microsoft.com/mist/2018/02/14/windows-authentication-http-request-flow-in-iis/
this describes exactly what I am seeing and is apparently normal.
I have an IIS 7.5 instance bound to Tomcat 8.5 on an internally hosted application.
IIS is configured to use Windows Authentication (NTLM and Negotiate providers in that order) and is resolving my credentials correctly.
When I look at the network activity for my application I see two 401 errors for each initial GET, see attached. It doesn't burn a lot of time but I have to think I have something configured wrong with the connector or IIS or is this somehow a normal?
Edit: Specifically why am I getting two 401 errors. I expect one with NTLM. I just cannot find a reason for two per GET.