FIX: A Threat Management Gateway 2010 Forms-based authentication password change may fail because of multiple favicon.ico requests from the client browser

Article translations Article translations
Article ID: 2595975 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

Consider the following scenario. You use Microsoft Forefront Threat Management Gateway (TMG) 2010 to web publish a server, and you use Forms-based authentication. Then, a user is automatically re-directed to the password change form if his or her password must be changed. In this scenario, if the client browser sends a favicon.ico request between the initial logon and the change password submission, the password change fails, and the user is re-directed back to the logon page.

CAUSE

The browser sends a favicon.ico request when a website is first accessed. The browser uses this request to obtain custom icons from that website for display.

Windows Internet Explorer 8, Windows Internet Explorer 9, and Google Chrome all retry the favicon.ico request if the initial request fails. If this re-request is made between the initial logon and the password change submission, this re-request clears the TMG authentication cookie and breaks the password change process. To determine whether the client is making a favicon.ico request between the initial logon and the later password change request, check the TMG log files.

RESOLUTION

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

REFERENCES

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2595975 - Last Review: October 31, 2011 - Revision: 2.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Enterprise
  • Microsoft Forefront Threat Management Gateway 2010 Standard
  • Microsoft Forefront Threat Management Gateway 2010 Service Pack 1
Keywords: 
kbfix kbbug kbexpertiseinter kbsurveynew KB2595975

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com