Configuring AWS ELB to work with Windows Authentication

I recently hit a hurdle when exposing a demo website restricted by IIS Windows Authentication using an Amazon Web Services (AWS) Elastic Load Balancer (ELB). The symptoms were that the website requested the credentials, as expected, but would then continue to request these for every hit of the website, resulting in an unusable user experience of countless logins.

The problem appears to be in the way the ELB forwards on the credentials.

To overcome this issue, simply change the ELB listener from the default Load Balancer Protocol and Instance Protocol of HTTP to TCP. The problem will then disappear.

Figure: Sample ELB listener configuration
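The same listener change can be made with the AWS CLI. This is an added example, not part of the original post; it assumes a Classic ELB, and the load balancer name and ports are placeholders supplied by the caller.

```sh
#!/bin/sh
# Added example (not from the original post): move a Classic ELB listener
# from HTTP/HTTP to TCP/TCP with the AWS CLI. Load balancer name and ports
# are caller-supplied placeholders.

# Print "<front-end protocol> <instance protocol>" for one listener port.
listener_protocols() {
  aws elb describe-load-balancers --load-balancer-names "$1" \
    --query "LoadBalancerDescriptions[0].ListenerDescriptions[?Listener.LoadBalancerPort==\`$2\`].Listener.[Protocol,InstanceProtocol]" \
    --output text | tr '\t' ' '
}

# Usage: switch_listener_to_tcp <lb-name> <lb-port> <instance-port>
switch_listener_to_tcp() {
  lb="$1"; lb_port="$2"; instance_port="$3"
  current="$(listener_protocols "$lb" "$lb_port")"
  case "$current" in
    "")
      echo "no listener on port $lb_port of $lb" >&2; return 1 ;;
    "TCP TCP")
      echo "unchanged"; return 0 ;;
    "HTTPS "*|"SSL "*)
      # Plain TCP would drop TLS termination at the ELB; an SSL listener
      # with a certificate is needed instead, which this example does not do.
      echo "refusing: front end is ${current%% *}" >&2; return 2 ;;
  esac
  # The Classic ELB API has no call to edit a listener's protocol, so the
  # listener is deleted and recreated; the port is unserved between the two
  # calls. Cookie stickiness policies cannot be attached to TCP listeners.
  aws elb delete-load-balancer-listeners \
    --load-balancer-name "$lb" --load-balancer-ports "$lb_port" || return 1
  aws elb create-load-balancer-listeners --load-balancer-name "$lb" \
    --listeners "Protocol=TCP,LoadBalancerPort=$lb_port,InstanceProtocol=TCP,InstancePort=$instance_port" \
    || return 1
  echo "switched"
}

# Example call (placeholder values):
#   switch_listener_to_tcp my-demo-lb 80 80
```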

 

Posted in AWS, ELB, IIS
3 comments on “Configuring AWS ELB to work with Windows Authentication”
  1. Mark Cwetna says:

    My guess is that because TCP does not modify the header of the packet as mentioned here: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-listener-config.html

    That obviates the need to retransmit the credentials as Microsoft’s website makes it clear they pay attention to the header:

    http://technet.microsoft.com/en-us/library/cc959507.aspx

    Great post!


  2. sonjz says:

    I haven’t had any issues keeping it as HTTP. This is 2016, upgrades?


  3. Ravi says:

    Hi,
    I recently tried ELB with instances having an IIS-hosted website with Windows authentication.
    With HTTPS protocol, I received multiple login prompts so switched to secure TCP. That fixed this issue.
    Now ELB with secure TCP connection is not maintaining the request stickiness. And not loading the website properly.
    Since I can’t use ELB stickiness feature with TCP, can you suggest some ideas to get over this issue?
    Posting again wrong email address

