No subject
Thu Aug 30 14:10:06 BST 2007
server. That web server requires a challenge-response scheme such as "NTLM"
or "Negotiate" for authentication.
A pseudo code listing of the script of the sequence follows:
Set oXmlHttp = CreateObject("WinHttp.WinHttpRequest.5.1")
oXmlHttp.Open "GET", "http://xxxxxxx", XmlHttp_Synchronous
oXmlHttp.setRequestHeader "Content-Type", "text/xml; charset=utf-8"
oXmlHttp.SetAutoLogonPolicy XmlHttp_AutoLogonPolicy_Always
<--enables credentials
oXmlHttp.send
It does not appear that the SSPI acquired credentials are passed to the
launched process in such a way that the WinHTTP interface and related
security apparatus can use them. The script communicates properly when I
run the script interactively. The script receives a 403/Forbidden within a
CVSNT launched process.
Any suggestions?
Rg,
Mike
References:
1. Authentication in WinHTTP
"http://msdn2.microsoft.com/en-us/library/aa383144.aspx"
2. WinHttpRequestAutoLogonPolicy Enumeration
"http://msdn2.microsoft.com/en-us/library/aa384107.aspx"
3. SetAutoLogonPolicy Method of the IWinHttpRequest Interface
"http://msdn2.microsoft.com/en-us/library/aa384050.aspx"
More information about the cvsnt
mailing list