No subject

Thu Aug 30 14:10:06 BST 2007

server. That web server requires a challenge-response scheme such as "NTLM" 
or "Negotiate" for authentication.

A pseudo code listing of the script of the sequence follows:
    Set oXmlHttp = CreateObject("WinHttp.WinHttpRequest.5.1")
    oXmlHttp.Open "GET", "http://xxxxxxx", XmlHttp_Synchronous
    oXmlHttp.setRequestHeader "Content-Type", "text/xml; charset=utf-8"
    oXmlHttp.SetAutoLogonPolicy XmlHttp_AutoLogonPolicy_Always 
<--enables credentials

It does not appear that the SSPI acquired credentials are passed to the 
launched process in such a way that the WinHTTP interface and related 
security apparatus can use them.  The script communicates properly when I 
run the script interactively.  The script receives a 403/Forbidden within a 
CVSNT launched process.

Any suggestions?


1. Authentication in WinHTTP 
2. WinHttpRequestAutoLogonPolicy Enumeration 
3. SetAutoLogonPolicy Method of the IWinHttpRequest Interface 

More information about the cvsnt mailing list