|
Home > Archive > IIS Server Security > April 2004 > HTTP Error 401.5 - Unauthorized: Authorization failed by an ISAPI/CGI application.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
HTTP Error 401.5 - Unauthorized: Authorization failed by an ISAPI/CGI application.
|
|
|
| I have developed a simple ASP search facility which uses the Indexing
Service.
The page works on my machine, but when I moved it across to the live server
(Win2k3/IIS6) I get this error message:
HTTP Error 401.5 - Unauthorized: Authorization failed by an ISAPI/CGI
application.
Internet Information Services (IIS)
I'm assuming it's something to do with the indexing service?? I know IIS6 is
by default a lot more restrictive, but I have no idea where the problems
lies.
Any ideas?
cheers
Chris
Gratuitus Code snippet:
<%@ Language="VBScript" %>
<%
'=======================================
=============================
'Desc: Search for Material Spec documents
'Author: Chris Martin
'Created: 26/04/04
'Params:
'Modified:
'=======================================
=============================
Function PathToVpath(ByVal strPath)
Const strWebRoot = "c:\inetpub\wwwroot\"
strPath = Replace(strPath, strWebRoot, "\")
strPath = Replace(strPath, "\", "/")
PathToVpath = strPath
End Function
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd>
<html lang="en">
<head>
<title>Teconnex Engineering: Material Specs</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<link rel="stylesheet" href="matlspec.css">
</head>
<body>
<h2>Material Specifications</h2>
<form action="FindMatlSpec.asp" method="get" ID="Form1">
<fieldset id="search">
<legend>Enter Search Criteria:</legend>
<input type="text" name="query" ID="SearchString"/>
<input type="submit" value="Search" ID="Search" NAME="Search"/>
</fieldset>
</form>
<%
Dim strQuery ' The text of our query
Dim objQuery ' The index server query object
Dim rsResults ' A recordset of results returned from I.S.
Dim objField ' Field object for loop
Dim x
' Retreive the query from the querystring
strQuery = Request.QueryString("query")
' If the query isn't blank them proceed
If strQuery <> "" Then
' Create our index server object
Set objQuery = Server.CreateObject("IXSSO.Query")
' Set it's properties
With objQuery
.Catalog = Application("Catalog") ' Catalog to query
.MaxRecords = 20 ' Max # of records to return
.SortBy = "rank [d]"
.Columns = "filename, path, vpath, size, write, " _
& "characterization, DocTitle, DocAuthor, " _
& "DocKeywords, rank, hitcount"
' Build our Query: Hide admin page and FPSE pages
strQuery = "(" & strQuery & ")"
' Uncomment to only look for files modified last 5 days
'strQuery = strQuery & " AND @write > -5d"
.Query = strQuery ' Query text
End With
' To set more complex scopes we use the utility object.
' You can call AddScopeToQuery as many times as you need to.
' Shallow includes just files in that folder. Deep includes
' subfolders as well.
'
Dim objUtility
Set objUtility = Server.CreateObject("IXSSO.Util")
objUtility.AddScopeToQuery objQuery, Application("SearchPath"), "deep"
Set objUtility = Nothing
' Get a recordset of our results back from Index Server
Set rsResults = objQuery.CreateRecordset("nonsequential")
' Get rid of our Query object
Set objQuery = Nothing
With rsResults
' Check for no records
If .EOF Then
Response.Write "Sorry. No results found."
Else
' Print out # of results
Response.Write "<p><strong>"
Response.Write .RecordCount
Response.Write "</strong> results found:</p>"
' Loop through results
x = 1
Do While Not .EOF
%>
<div class="listing">
<%
' Loop through Fields
If .Fields("doctitle") = "" or IsNull(.Fields("doctitle")) Then
%>
<a href="<%=PathToVpath(.Fields("path"))%>" target="_blank"><%=x & ": " &
..Fields("filename")%></a>
<%
Else
%>
<a href="<%=PathToVpath(.Fields("path")) %>" target="_blank"><%=x & ": " &
..Fields("doctitle")%></a>
<%
End If
%>
<p><span class="column">Author: </span><%=.Fields("docauthor")%></p>
<p><span class="column">Last Modified:
</span><%=FormatDateTime(.Fields("write"),2) %></p>
<p><span class="column">Size: </span><%=CLng(.Fields("size"))/1024%>
Kb</p>
<p><span class="column">Keywords: </span><%=.Fields("dockeywords")%></p>
<p><span class="column">Description:
</span><%=.Fields("characterization")%></p>
</div>
<%
' Move to next result
.MoveNext
x = x + 1
Loop
End If
End With
' Kill our recordset object
Set rsResults = Nothing
End If
%>
</body>
</html>
| |
| WenJun Zhang[msft] 2004-04-28, 2:34 am |
| Hi Chris,
I've replied you in Index nesgroup.
Best regards,
WenJun Zhang
Microsoft Online Support
This posting is provided "AS IS" with no warranties, and confers no
rights.
Get Secure! - www.microsoft.com/security
|
|
|
|
|