Re: Access denied ( From one site to another, that is in another server)
From: Henry Ma (henry@rcsworks.com)
Date: 02/12/03
- Next message: gg: ".Net IIS security missing features"
- Previous message: Kevin Burton: "Using RSA from ASP.NET"
- Maybe in reply to: Gabriela De Feo: "Re: Access denied ( From one site to another, that is in another server)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Henry Ma" <henry@rcsworks.com> Date: Wed, 12 Feb 2003 16:16:38 -0500
Hi, Bassel,
I set
<identity impersonate="true" userName="DomainName/username"
password="password"/>
in web.config, I got error:
Configuration Error
Description: An error occurred during the processing of a configuration file
required to service this request. Please review the specific error details
below and modify your configuration file appropriately.
Parser Error Message: Could not create Windows user token from the
credentials specified in the config file. Error from the operating system 'A
required privilege is not held by the client. '
But I use the same userName and password for <processModel> section of
machine.config, it is fine.
Why and how to solve it?
Thank you.
My real problem is as follow:
By default, my web service can not access the file on remote machine, so I
changed userName and password in <processModel> section of machine.config
file, it works fine. The problem is my change affects all web services on
one computer, I like to have a solution so that I can set userName and
password for one web service, but not other web services on the same
computer.
"Bassel Tabbara [MSFT]" <basselt@online.microsoft.com> wrote in message
news:76amZTxwCHA.2148@cpmsftngxa08...
> Gabriela,
> No Problem. I hope that I could help you as soon as possible with the
issue
> that you are facing.
>
> In the impersonation section of your web.config, place a domain username
> and password that can access the remote file.
> This means that the user has the proper NTFS permissions on the remote
> server.
> In your web config, the identity section will look like:
> <identity impersonate="true" userName="DomainName/username"
> password="password"/>
>
> On the other hand, you can implement impersonation through code and revert
> back to the ASPNet account after accessing
> the remote resource.
>
> You might check the following Kb article on how to implement impersonation
> through code:
>
> 306158: INFO: Implementing Impersonation in an ASP.NET
> http://support.microsoft.com/?id=306158
>
> Please let me know if you still running through any problem with this.
>
>
> Thanks,
> Bassel Tabbara
> Microsoft, ASP.NET
>
> This posting is provided "AS IS", with no warranties, and confers no
rights.
>
> --------------------
> | From: "Gabriela De Feo" <gdefeo@rmya.com.ar>
> | References: <OmlZ7lWwCHA.1624@TK2MSFTNGP11>
> <Ld$1RkXwCHA.2600@cpmsftngxa06> <eJq4PJYwCHA.2680@TK2MSFTNGP09>
> <YI8cZrYwCHA.1128@cpmsftngxa08> <ev55wOZwCHA.2476@TK2MSFTNGP10>
> <MLyorWawCHA.2148@cpmsftngxa08> <#xK45yhwCHA.2652@TK2MSFTNGP11>
> <n7kSomiwCHA.2416@cpmsftngxa08>
> | Subject: Re: Access denied ( From one site to another, that is in
another
> server)
> | Date: Wed, 22 Jan 2003 15:27:10 -0300
> | Lines: 536
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> | Message-ID: <ePYBIPkwCHA.2796@TK2MSFTNGP12>
> | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | NNTP-Posting-Host: 200.80.152.106
> | Path: cpmsftngxa08!cpmsftngxa06!TK2MSFTNGP08!TK2MSFTNGP12
> | Xref: cpmsftngxa08
microsoft.public.dotnet.framework.aspnet.security:3763
> | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> |
> | Bassel,
> | I am sorry that I have to bother you again, but I always get "Access
> denied"
> |
> | I am working at the next scenario:
> |
> | .Net Site
> |
> | - IIS Security:
> |
> | Basic Authentication
> |
> | - Web config:
> |
> | <authentication mode="Windows" />
> |
> | <authorization>
> |
> | <allow users="*" />
> |
> | <deny users="?" />
> |
> | </authorization>
> |
> | <identity impersonate="true"/>
> |
> | - Code:
> |
> | Dim oXMLDocument As MSXML2.DOMDocument30
> |
> | oXMLDocument = New MSXML2.DOMDocument30()
> |
> | oXMLDocument.Load(sURL)
> |
> | .Asp Site
> |
> | - IIS Security:
> |
> | Integrated Authentication
> |
> | If the ASP site is located in the same server where is the NET site I
have
> | no problems, but If it is in another one, oXMLDocument.parseError.reason
> | returns "Access denied".
> |
> | Note: The second server has install DotNet Framework too.
> |
> | Thanks
> |
> | "Bassel Tabbara [MSFT]" <basselt@online.microsoft.com> wrote in message
> | news:n7kSomiwCHA.2416@cpmsftngxa08...
> | > Hello Gabriela,
> | > You don't need to configure anything more for the scenario of basic
> | > authentication. In fact, Basic and windows integrated allows
delegation
> | but
> | > you
> | > need to impersonate the user as I described it in my previous post.
> | > For Reading an xml file, you can use the XMLDomDocument with the
proper
> | > permission to the file that you are reading it.
> | >
> | > Thanks,
> | > Bassel Tabbara
> | > Microsoft, ASP.NET
> | >
> | > This posting is provided "AS IS", with no warranties, and confers no
> | rights.
> | >
> | >
> | > --------------------
> | > | From: "Gabriela De Feo" <gdefeo@rmya.com.ar>
> | > | References: <OmlZ7lWwCHA.1624@TK2MSFTNGP11>
> | > <Ld$1RkXwCHA.2600@cpmsftngxa06> <eJq4PJYwCHA.2680@TK2MSFTNGP09>
> | > <YI8cZrYwCHA.1128@cpmsftngxa08> <ev55wOZwCHA.2476@TK2MSFTNGP10>
> | > <MLyorWawCHA.2148@cpmsftngxa08>
> | > | Subject: Re: Access denied ( From one site to another, that is in
> | another
> | > server)
> | > | Date: Wed, 22 Jan 2003 10:47:45 -0300
> | > | Lines: 395
> | > | X-Priority: 3
> | > | X-MSMail-Priority: Normal
> | > | X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> | > | Message-ID: <#xK45yhwCHA.2652@TK2MSFTNGP11>
> | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | > | NNTP-Posting-Host: 200.80.152.106
> | > | Path:
cpmsftngxa08!cppssbbsa01.microsoft.com!TK2MSFTNGP08!TK2MSFTNGP11
> | > | Xref: cpmsftngxa08
> | microsoft.public.dotnet.framework.aspnet.security:3757
> | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> | > |
> | > | Do I have to configure something more?
> | > |
> | > | Or it is enough configuring the security of the sites? (Site .NET,
> Basic
> | > | Authentication---->Site ASP, Windows Authentication)
> | > |
> | > | What do I have to use to obtain an XML from an ASP page?
> XMLDomDocument,
> | > | HTTPRequest, or there is someting different? Remember that the ASP
> page
> | > | belongs to the site that has Windows Authentication.
> | > |
> | > |
> | > |
> | > |
> | > |
> | > | "Bassel Tabbara [MSFT]" <basselt@online.microsoft.com> wrote in
> message
> | > | news:MLyorWawCHA.2148@cpmsftngxa08...
> | > | > Gabriela,
> | > | > Yes you can delegate the token using Basic Authentication. So your
> | > | > scenario should work.
> | > | >
> | > | >
> | > | > Thanks,
> | > | > Bassel Tabbara
> | > | > Microsoft, ASP.NET
> | > | >
> | > | > This posting is provided "AS IS", with no warranties, and confers
no
> | > | rights.
> | > | >
> | > | >
> | > | > --------------------
> | > | > | From: "Gabriela De Feo" <gdefeo@rmya.com.ar>
> | > | > | References: <OmlZ7lWwCHA.1624@TK2MSFTNGP11>
> | > | > <Ld$1RkXwCHA.2600@cpmsftngxa06> <eJq4PJYwCHA.2680@TK2MSFTNGP09>
> | > | > <YI8cZrYwCHA.1128@cpmsftngxa08>
> | > | > | Subject: Re: Access denied ( From one site to another, that is
in
> | > | another
> | > | > server)
> | > | > | Date: Tue, 21 Jan 2003 18:26:49 -0300
> | > | > | Lines: 310
> | > | > | X-Priority: 3
> | > | > | X-MSMail-Priority: Normal
> | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
> | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> | > | > | Message-ID: <ev55wOZwCHA.2476@TK2MSFTNGP10>
> | > | > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> | > | > | NNTP-Posting-Host: 200.80.152.106
> | > | > | Path: cpmsftngxa06!TK2MSFTNGP08!TK2MSFTNGP10
> | > | > | Xref: cpmsftngxa06
> | > | microsoft.public.dotnet.framework.aspnet.security:3719
> | > | > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> | > | > |
> | > | > | If insted of configure the ASP.NET Application for Windows
> | > | > Authentication, I
> | > | > | configure it for Basic Authentication, can I avoid use Kerberos
> and
> | > use
> | > | > | something simpler?
> | > | > |
> | > | > | The scenario would like this:
> | > | > |
> | > | > | Site .Net (Basic Authentication) ------> Site asp(Windows
> | > | Authentication)
> | > | > |
> | > | > |
> | > | > | "Bassel Tabbara [MSFT]" <basselt@online.microsoft.com> wrote in
> | > message
> | > | > | news:YI8cZrYwCHA.1128@cpmsftngxa08...
> | > | > | > Steps to configure an ASP.NET / IIS delegation
> | > | > | > scenario:
> | > | > | >
> | > | > | > - check the "Enable Integrated Windows Authentication
(requires
> | > | > restart)"
> | > | > | > option in the Tools - Internet Options - Advanced Tab
> | > | > | >
> | > | > | > This setting enables Internet Explorer to respond to a
negotiate
> | > | > challenge
> | > | > | > and perform Kerberos authentication. If not running on Windows
> | 2000
> | > | > | > or higher Internet Explorer does not respond to a negotiate
> | > challenge
> | > | > and
> | > | > | > default to NTLM (or Windows NT Challenge/Response)
> authentication
> | > even
> | > | > if
> | > | > | > the
> | > | > | > Enable Integrated Windows Authentication (requires restart)
> check
> | > box
> | > | is
> | > | > | > selected because this feature requires Windows 2000 or higher.
> | > | > | >
> | > | > | > NOTE: Administrators can enable Integrated Windows
> Authentication
> | by
> | > | > | > setting the
> | > | > | > EnableNegotiate DWORD value to 1 in the following registry
key:
> | > | > | >
> | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
> | > | > | > Settings
> | > | > | > There are some issues where Kerberos may fail on the Internet
> | > Explorer
> | > | > | > client. See the following articles in the Microsoft
> | > | > | > Knowledgebase:
> | > | > | >
> | > | > | > - 321728: Internet Explorer Does Not Support Kerberos
> | > | > | > AuthenticationKBLink:321728.kb.en-us:
> | > | > | > - 325608: PRB: Authentication Delegation Through Kerberos Does
> Not
> | > | > | > WorkKBLink:325608.kb.en-us:
> | > | > | > - 280830: Kerberos Authentication May Not Work If User Is in
> Many
> | > | > | > GroupsKBLink:280830.kb.en-us:
> | > | > | > - 264921: INFO: How IIS Authenticates Browser
> | > | > | > ClientsKBLink:264921.kb.en-us:
> | > | > | >
> | > | > | > 2. Web Server (IIS 5.0 or higher):
> | > | > | >
> | > | > | > a. ASP.NET Application - Windows Authentication and
> | > | > | > Impersonation:
> | > | > | >
> | > | > | > - configured for Windows Authentication
> | > | > | >
> | > | > | > -IIS Management Console
> | > | > | >
> | > | > | > -turn off Anonymous access, Basic and Digest authentication
for
> | the
> | > | > | > application
> | > | > | >
> | > | > | > To configure a web application for Windows authentication open
> the
> | > | > | Internet
> | > | > | > Information Services tool, expand the
> | > | > | > Default Web Sites node, right-click your web application, goto
> | > | > Properties,
> | > | > | > choose Directory Security, click the Edit
> | > | > | > button for Anonymous access and authentication control and
turn
> | off
> | > | > | > Anonymous access, Basic and Digest
> | > | > | > authentication for the application.
> | > | > | >
> | > | > | > NOTE: Internet Explorer will always pick the first
> authentication
> | > | scheme
> | > | > | if
> | > | > | > given the option of choosing
> | > | > | > from multiple authentication schemes. For example, if
Anonymous
> | > | > | > authentication is enabled and listed
> | > | > | > before Windows Authentication, Internet Explorer will try to
> | > | > authenticate
> | > | > | > anonymously. If this fails it picks
> | > | > | > the next authentication method and tries to authenticate with
> | > Windows
> | > | > | > authentication.
> | > | > | >
> | > | > | > - web.config file
> | > | > | >
> | > | > | > -<allow users="*" /> and
> | > | > | > <deny users="?" /> in the <configuration> section
> | > | > | > - <authentication mode="Windows" /> in the <system.web>
section
> | > | > | >
> | > | > | > - configured for Impersonation
> | > | > | >
> | > | > | > - <identity impersonate="true" /> in the web.config file
> | > | > | >
> | > | > | > -306158: INFO: Implementing Impersonation in an ASP.NET
> | > | > | > http://support.microsoft.com/?id=306158
> | > | > | > -317012: INFO: Process and Request Identity in
> | > | > | > http://support.microsoft.com/?id=317012
> | > | > | > -315736: HOW TO: Secure an ASP.NET Application by Using
> | > | > | > http://support.microsoft.com/?id=315736
> | > | > | >
> | > | > | > b. Active Directory - Delegation:
> | > | > | >
> | > | > | > Delegation has to be enabled on all machines participated on
> | > Kerberos
> | > | > | > Delegation, it can be configured in the Active Directory
tools.
> | > | > | >
> | > | > | > - Active Directory Users and Computers tool
> | > | > | >
> | > | > | > - machine is "trusted for delegation"
> | > | > | >
> | > | > | > To configure a computer as trusted for delegation , open the
> | Active
> | > | > | > Directory Computers tool, expand the Domain Name node,
> | > | > | > expand the Computers node, right-click the computer you want
to
> | > | > | configure,
> | > | > | > choose properties from the context menu and check
> | > | > | > the Computer ist Trusted for Delegation option.
> | > | > | >
> | > | > | > - Active Directory Users and Groups tool
> | > | > | >
> | > | > | > - delegating account is "trusted for delegation"
> | > | > | >
> | > | > | > By default, the Aspnet_wp.exe process runs under a computer
> | account
> | > | > named
> | > | > | > ASPNET. To verify that the application account can act
> | > | > | > as a delegate, open the Active Directory Users And Groups
tool,
> | > | > | right-click
> | > | > | > the the User object in question, choose Properties from the
> | > | > | > context menu, click the account menu, scroll down until you
see
> | > | Account
> | > | > | > Ias Trusted for Delegation in the Account Options box.
> | > | > | > Make sure the option is checked.
> | > | > | >
> | > | > | > NOTE: You do not need to perfom this step if the service is
> | running
> | > as
> | > | > | > LocalSystem because this account automatically supports the
> | > | > | > trusted for delegation capability. Running ASP.NET as
> LocalSystem
> | > | > | (userName
> | > | > | > = "SYSTEM" in the <processModel> section in the
> | > | > | > machine.config file) is by default "trusted for delegation"
> | > | > | >
> | > | > | > - accounts to be delegated (domain users) are not marked as
> | > "sensitive
> | > | > and
> | > | > | > cannot be delegated"
> | > | > | >
> | > | > | > To verify the user's account can be delegated, open the
Active
> | > | > Directory
> | > | > | > Users and Groups tool, right-click the User object in
question,
> | > | > | > choose Properties from the context menu, click the Account
tab,
> | > scroll
> | > | > | down
> | > | > | > until you see Account Is Sensitive And Cannot Be Delegated
> | > | > | > in the Account Options box. Make sure the option is not
checked.
> | > | > | >
> | > | > | > See the following article in the Microsoft Knowledgebase:
> | > | > | >
> | > | > | > 325894: HOW TO: Set Computer/User Accounts to Be
> | > | > | > http://support.microsoft.com/?id=325894
> | > | > | >
> | > | > | > Thanks,
> | > | > | > Bassel Tabbara
> | > | > | > Microsoft, ASP.NET
> | > | > | >
> | > | > | > This posting is provided "AS IS", with no warranties, and
> confers
> | no
> | > | > | rights.
> | > | > | >
> | > | > | > --------------------
> | > | > | > | From: "Gabriela De Feo" <gdefeo@rmya.com.ar>
> | > | > | > | References: <OmlZ7lWwCHA.1624@TK2MSFTNGP11>
> | > | > | > <Ld$1RkXwCHA.2600@cpmsftngxa06>
> | > | > | > | Subject: Re: Access denied ( From one site to another, that
is
> | in
> | > | > | another
> | > | > | > server)
> | > | > | > | Date: Tue, 21 Jan 2003 16:22:25 -0300
> | > | > | > | Lines: 329
> | > | > | > | MIME-Version: 1.0
> | > | > | > | Content-Type: multipart/alternative;
> | > | > | > | boundary="----=_NextPart_000_005E_01C2C169.4904BF90"
> | > | > | > | X-Priority: 3
> | > | > | > | X-MSMail-Priority: Normal
> | > | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
> | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> | > | > | > | Message-ID: <eJq4PJYwCHA.2680@TK2MSFTNGP09>
> | > | > | > | Newsgroups:
microsoft.public.dotnet.framework.aspnet.security
> | > | > | > | NNTP-Posting-Host: 200.80.152.106
> | > | > | > | Path: cpmsftngxa06!TK2MSFTNGP08!TK2MSFTNGP09
> | > | > | > | Xref: cpmsftngxa06
> | > | > | microsoft.public.dotnet.framework.aspnet.security:3716
> | > | > | > | X-Tomcat-NG:
microsoft.public.dotnet.framework.aspnet.security
> | > | > | > |
> | > | > | > | Hello Bassel, first of all I want to tell you tank you very
> much
> | > for
> | > | > | > responding me soon.
> | > | > | > | The url of the first article that you send me is wrong. I
> | coudnīt
> | > | > access
> | > | > | > to it.
> | > | > | > | I will tell you more about the context of my problem so that
> you
> | > can
> | > | > | help
> | > | > | > me more
> | > | > | > | My web application need to authenticate every user,
therefore
> | I'm
> | > | > using
> | > | > | > Integrated Windows Authentication.
> | > | > | > | The machine.config has
> | > | > | > | <processModel enable="true" timeout="Infinite"
> | > | idleTimeout="Infinite"
> | > | > | > shutdownTimeout="0:00:05" requestLimit="Infinite"
> | > | > requestQueueLimit="5000"
> | > | > | > restartQueueLimit="10" memoryLimit="60" webGarden="false"
> | > | > | > cpuMask="0xffffffff" userName="SYSTEM" password="AutoGenerate"
> | > | > | > logLevel="Errors" clientConnectedCheck="0:00:05"
> | > | > | > comAuthenticationLevel="Connect"
> | comImpersonationLevel="Impersonate"
> | > | > | > responseRestartDeadlockInterval="00:09:00"
> | > | > | > responseDeadlockInterval="00:03:00" maxWorkerThreads="25"
> | > | > | > maxIoThreads="25"/>
> | > | > | > | The web.config has
> | > | > | > | <authentication mode="Windows" />
> | > | > | > | <authorization>
> | > | > | > | <allow users="*" />
> | > | > | > | <deny users="?"/>
> | > | > | > | </authorization>
> | > | > | > | <identity impersonate="true"/>
> | > | > | > | I am tryng to acces to the Project Server site, wich is in
> | another
> | > | > | server
> | > | > | > and has Integrated Windows Authentication. This site has to
> return
> | a
> | > | > xml.
> | > | > | > | As you tell me I need to delegate security, but I donīt know
> | how.
> | > | > | > | If you can help me to do it I will appreciate it
> | > | > | > | Gaby
> | > | > | > | "Bassel Tabbara [MSFT]" <basselt@online.microsoft.com> wrote
> in
> | > | > message
> | > | > | > news:Ld$1RkXwCHA.2600@cpmsftngxa06...
> | > | > | > | > Hello Gabriela,
> | > | > | > | > You are running into a delegation issue here. Delegation
is
> | the
> | > | next
> | > | > | > step
> | > | > | > | > up from impersonation. Rather than just being able to
access
> | > local
> | > | > | > | > resources on behalf of the client, delegation supports
the
> | > | > accessing
> | > | > | > of
> | > | > | > | > remote resources on behalf of the client. When you are
> trying
> | to
> | > | > | access
> | > | > | > | > from a one server to get to another server, the account
> | > | credentials
> | > | > | > must be
> | > | > | > | > passed along so you can access the document on the second
> | > server.
> | > | > | > | >
> | > | > | > | > When users browse to an ASP.NET Web site, they request
that
> | some
> | > | > code
> | > | > | > run
> | > | > | > | > on the server. All processes run within the security
context
> | of
> | > a
> | > | > | > specific
> | > | > | > | > account. By default, ASPNET engines runs under aspnet
> account.
> | > | This
> | > | > | > account
> | > | > | > | > has access to the IIS server computer but is not allowed
to
> | > access
> | > | > | > shared
> | > | > | > | > folders on other computers. Therefore, you must configure
> the
> | > IIS
> | > | > | > computer
> | > | > | > | > so that it uses an account other than the aspnet account.
> | > | > | > | >
> | > | > | > | > After IIS is set to run under another account, you must
give
> | > that
> | > | > | > account
> | > | > | > | > permission to all of the files and folders that are needed
> to
> | > use
> | > | > the
> | > | > | > | > remote Access database.
> | > | > | > | >
> | > | > | > | > The following article describes thoroughly the steps
needed
> to
> | > | allow
> | > | > | > you to
> | > | > | > | > access the remote resource.
> | > | > | > | > 810572 HOW TO: Setup an IIS / ASP.NET Delegation Scenario
> | > | > | > | > http://support.microsoft.com/?id=810572
> | > | > | > | >
> | > | > | > | > 306158 INFO: Implementing Impersonation in an ASP.NET
> | > Application
> | > | > | > | > http://support.microsoft.com/?id=306158
> | > | > | > | > The section entitled as "Impersonate the Authenticating
User
> | in
> | > | > Code"
> | > | > | > might
> | > | > | > | > be beneficial to you.
> | > | > | > | >
> | > | > | > | >
> | > | > | > | > Thanks,
> | > | > | > | > Bassel Tabbara
> | > | > | > | > Microsoft, ASP.NET
> | > | > | > | >
> | > | > | > | > This posting is provided "AS IS", with no warranties, and
> | > confers
> | > | no
> | > | > | > rights.
> | > | > | > | >
> | > | > | > | >
> | > | > | > | > --------------------
> | > | > | > | > | From: "Gabriela De Feo" <gdefeo@rmya.com.ar>
> | > | > | > | > | Subject: Access denied ( From one site to another, that
is
> | in
> | > | > | another
> | > | > | > | > server)
> | > | > | > | > | Date: Tue, 21 Jan 2003 13:24:40 -0300
> | > | > | > | > | Lines: 72
> | > | > | > | > | MIME-Version: 1.0
> | > | > | > | > | Content-Type: multipart/alternative;
> | > | > | > | > | boundary="----=_NextPart_000_002C_01C2C150.7458DB40"
> | > | > | > | > | X-Priority: 3
> | > | > | > | > | X-MSMail-Priority: Normal
> | > | > | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
> | > | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> | > | > | > | > | Message-ID: <OmlZ7lWwCHA.1624@TK2MSFTNGP11>
> | > | > | > | > | Newsgroups:
> | microsoft.public.dotnet.framework.aspnet.security
> | > | > | > | > | NNTP-Posting-Host: 200.80.152.106
> | > | > | > | > | Path: cpmsftngxa06!TK2MSFTNGP08!TK2MSFTNGP11
> | > | > | > | > | Xref: cpmsftngxa06
> | > | > | > microsoft.public.dotnet.framework.aspnet.security:3707
> | > | > | > | > | X-Tomcat-NG:
> | microsoft.public.dotnet.framework.aspnet.security
> | > | > | > | > |
> | > | > | > | > | Both web site have Integrated Windows Authentication.
> | > | > | > | > | If I try to connect from my site to another that is in
> | another
> | > | > | server
> | > | > | > I
> | > | > | > | > get "Access denied".
> | > | > | > | > | If the second site is in the same server, I can conect
> | > | correctly.
> | > | > | > | > | Note: The second site is not in a Dotnet Framework
> | > | > | > | > | The code is as follows:
> | > | > | > | > | sURL = "http://srv01/projectserver/LgnIntAu.asp"
> | > | > | > | > | Dim oXMLDocument As XmlDocument
> | > | > | > | > | oXMLDocument = New XmlDocument()
> | > | > | > | > | oXMLDocument.Load(sURL)
> | > | > | > | > | Please Help me !!!!!
> | > | > | > | > | Thanks
> | > | > | > | > |
> | > | > | > | >
> | > | > | > | > Thanks,
> | > | > | > | > Bassel Tabbara
> | > | > | > | > Microsoft, ASP.NET
> | > | > | > | >
> | > | > | > | > This posting is provided "AS IS", with no warranties, and
> | > confers
> | > | no
> | > | > | > rights.
> | > | > | > | >
> | > | > | > | >
> | > | > | > |
> | > | > | >
> | > | > | >
> | > | > | >
> | > | > | >
> | > | > |
> | > | > |
> | > | > |
> | > | >
> | > |
> | > |
> | > |
> | >
> |
> |
> |
>
>
- Next message: gg: ".Net IIS security missing features"
- Previous message: Kevin Burton: "Using RSA from ASP.NET"
- Maybe in reply to: Gabriela De Feo: "Re: Access denied ( From one site to another, that is in another server)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
