IIS 6 401.2 Error - asp page requests another asp page [Answered]RSS

14 replies

Last post Sep 16, 2009 01:06 PM by tomkmvp

  • IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 12:00 PM|bruneaum|LINK

    Good day,

    IIS is setup for 'Integrated Windows Authentication' only on Windows 2003.  It is hosting an ASP site.  Users can login and access every page fine.  The issue arises when an asp file attempts to 'GET' another.  The 401.2:


    You are not authorized to view this page
    You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.

    Any help would be greatly appreciated.

     

     

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 01:22 PM|tomkmvp|LINK

    In this case your ASP code is acting as the browser, and it obviously does not support Windows Integrated authentication.  You'll need to also allow Basic and make sure you're explicitly including the connection credentials in your code.

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 04:26 PM|bruneaum|LINK

    Thanks for the reply - what you've said makes sense.  How would I go about explicitly providing the connection credentials, on <object>.Open("Get", http:\\username:password@url.....)?

    Thanks.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 04:47 PM|tomkmvp|LINK

    What object are you using?

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 04:59 PM|bruneaum|LINK

    set objHttp = Server.CreateObject(Msxml2.ServerXMLHTTP.3.0)
    objHttp.open "GET", <url>, false
    objHttp.setRequestHeader "User-Agent", Request.ServerVariables("HTTP_USER_AGENT")    
    objHttp.Send ""

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 15, 2009 05:25 PM|bruneaum|LINK

    Update:  When I change from Server.CreateObject(Msxml2.ServerXMLHTTP.3.0) to Server.CreateObject(Microsoft.XMLHTTP) it worked.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 10:21 AM|tomkmvp|LINK

    ServerXMLHTTP would be the better choice when the code is run from a server ...

    http://support.microsoft.com/kb/290761

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 10:40 AM|bruneaum|LINK

    Yes I would agree.  Any idea why it is not working?  I've installed the last version of the XML Parsers from MS.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 10:47 AM|tomkmvp|LINK

    ... as I said earlier, you need to explicitly authenticate ...

    http://msdn.microsoft.com/en-us/library/ms762265(VS.85).aspx

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 10:54 AM|bruneaum|LINK

     ...as I asked earlier...how to...

     Thanks for the link - it helped.  All works now.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 10:59 AM|tomkmvp|LINK

    MSDN is your friend ... : )

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 11:04 AM|bruneaum|LINK

     Yes it is.  The thing I'm not quite sure of - the production environment is working without passing any credentials.  I setup a QA environment and it doesn't work.  This is the real puzzle for us.  At least we do have a work around for the time being.

     Thanks for your help.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 11:58 AM|tomkmvp|LINK

    Is the production IIS log showing a cs-username value for these requests?

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/
  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 12:37 PM|bruneaum|LINK

     This is the line:

    2009-09-16 11:33:26 W3SVC1 <ip address> GET <url>.asp <param>=<value> 80 - <ip address> Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0

     

    Doesn't look like any username/password is being passed.

  • Re: IIS 6 401.2 Error - asp page requests another asp page

    Sep 16, 2009 01:06 PM|tomkmvp|LINK

    Which would mean that you're allowing anonymous access on production ...

    Tom Kaminski (former IIS MVP 2002-2010)
    http://mvp.support.microsoft.com/