|
|
|
date: Wed, 5 Sep 2007 13:26:00 -0700,
group: microsoft.public.platformsdk.internet.server.isapi-dev
back
401 in IIS7 (VISTA)
We have an existing ISAPI application (created in MFC / C++) that works great
for a number of years on IIS 4, 5, 6. Now we face a problem when testing on
VISTA IIS7. Specifically, the ServerSupportFunction
(HSE_REQ_SEND_RESPONSE_HEADER, "401 Access Denied",....) does not result in
an authentication prompt in the browser. The ServerSupportFunction itself is
successful (returns TRUE). However the 401 error does not seem to make it to
browser. I have tried both local browser on the same VISTA baox as well as a
remote browser on another XP box with same result. Further, it is not a
firewall issue on VISTA because if I disable the anonymous authentication on
my application / site, the browser promptly displays the authentication
prompt. Thus the IIS itself returns the 401 response, however
programmatically returning the 401 as above in select methods in my ISAPI
application does not yield expected results. The app continues to work on
2003 server. In my application I have to allow anonymous execution of certain
methods, while others require us to verify user access. That is why we have
to enable both anonymous and basic authentication. Any clues? Has the
ServerSupportFunction changed in IIS7?
Thanks in advance,
Ganesh
date: Wed, 5 Sep 2007 13:26:00 -0700
author: systinte5
Re: 401 in IIS7 (VISTA)
On Sep 5, 1:26 pm, systinte5
wrote:
> We have an existing ISAPI application (created in MFC / C++) that works great
> for a number of years on IIS 4, 5, 6. Now we face a problem when testing on
> VISTA IIS7. Specifically, the ServerSupportFunction
> (HSE_REQ_SEND_RESPONSE_HEADER, "401 Access Denied",....) does not result in
> an authentication prompt in the browser. The ServerSupportFunction itself is
> successful (returns TRUE). However the 401 error does not seem to make it to
> browser. I have tried both local browser on the same VISTA baox as well as a
> remote browser on another XP box with same result. Further, it is not a
> firewall issue on VISTA because if I disable the anonymous authentication on
> my application / site, the browser promptly displays the authentication
> prompt. Thus the IIS itself returns the 401 response, however
> programmatically returning the 401 as above in select methods in my ISAPI
> application does not yield expected results. The app continues to work on
> 2003 server. In my application I have to allow anonymous execution of certain
> methods, while others require us to verify user access. That is why we have
> to enable both anonymous and basic authentication. Any clues? Has the
> ServerSupportFunction changed in IIS7?
> Thanks in advance,
> Ganesh
Depending on how and when your ISAPI Filter generates the 401
response, I can think of several changes within IIS7 that can break it
(for other good reasons). You will have to give more details of
exactly what your ISAPI is doing and in what filter event.
Even if your ISAPI does not work on IIS7, it will be TRIVIAL to
rewrite a native custom authentication module for IIS7. I would
recommend that, over trying to get the ISAPI to work, any day of the
week, because it is simply easier to do the right thing with a IIS7
custom authentication module vs. legacy ISAPI DLL going through
multiple compatibility layers that realistically give maybe 60%
compliance of original ISAPI behavior.
IIS6 is closer to about 90% compliant with original IIS4/IIS5 ISAPI
behavior. But when we rearchitected the underlying request pipeline
for IIS7, functional parity with ASP.Net for the future overshadowed
compatibility parity with ISAPI Filters for the past.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
date: Thu, 06 Sep 2007 11:43:30 -0000
author: David Wang
|
|
