IIS Server Security - IIS 6.0 givex 403 when asp page is requested by winhhtprequest

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > January 2004 > IIS 6.0 givex 403 when asp page is requested by winhhtprequest





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author IIS 6.0 givex 403 when asp page is requested by winhhtprequest
Nikhil

2004-01-24, 1:55 am

I am using winHttprequest object to make a request to an
asp page sitting on a different server. The IIS server
returns a HTTP 403 error. If i request the same asp page
using a browser the page is served. What security setting
to i need to change to allow the request.
Ken Schaefer

2004-01-24, 1:55 am

Is anonymous authentication enabled on the IIS server?

Cheers
Ken

"Nikhil" <anonymous@discussions.microsoft.com> wrote in message
news:ca2501c3ba36$67336e50$a601280a@phx.gbl...
: I am using winHttprequest object to make a request to an
: asp page sitting on a different server. The IIS server
: returns a HTTP 403 error. If i request the same asp page
: using a browser the page is served. What security setting
: to i need to change to allow the request.


Andrew Davis [MS]

2004-01-24, 1:55 am

Nikhil,

It's sounds like the object your using is passing different credentials to
the other IIS server than your browser. IE will try an pass the credentials
of the interactive (logged on) user, and when accessing via the
WinHTTPObject different credentials are being sent.

It may be sending anonymous credentials, so Ken is right on with asking if
anonymous access is allowed on the remote IIS servers however you may want
to specify explicit credentials for your WinHTTPObject to use. Try posting
to the WinInet Isapi newsgroup for more info on this. There may also be
some good docs on TechNet.

I found "SetCredentials" for use with the WinHttpRequest object - Hope this
helps!
http://msdn.microsoft.com/library/d...-us/winhttp/htt
p/iwinhttprequest_setcredentials.asp

This posting is provided "AS IS" with no warranties, and confers no rights.

Thanks!
~Andrew Davis
Microsoft PSS Security

--------------------
| From: "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com>
| References: <ca2501c3ba36$67336e50$a601280a@phx.gbl>
| Subject: Re: IIS 6.0 givex 403 when asp page is requested by
winhhtprequest
| Date: Thu, 4 Dec 2003 21:55:40 +1100
| Lines: 14
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <#GylrUluDHA.684@TK2MSFTNGP09.phx.gbl>
| Newsgroups: microsoft.public.inetserver.iis.security
| NNTP-Posting-Host: dsl-203-33-161-224.nsw.netspace.net.au 203.33.161.224
| Path:
cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
.phx.gbl!TK2MSFTNGP09.phx.gbl
| Xref: cpmsftngxa07.phx.gbl microsoft.public.inetserver.iis.security:7600
| X-Tomcat-NG: microsoft.public.inetserver.iis.security
|
| Is anonymous authentication enabled on the IIS server?
|
| Cheers
| Ken
|
| "Nikhil" <anonymous@discussions.microsoft.com> wrote in message
| news:ca2501c3ba36$67336e50$a601280a@phx.gbl...
| : I am using winHttprequest object to make a request to an
| : asp page sitting on a different server. The IIS server
| : returns a HTTP 403 error. If i request the same asp page
| : using a browser the page is served. What security setting
| : to i need to change to allow the request.
|
|
|

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com