StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POmake an http post from server using user credentials - integrated security
text
Body
copied!<p>I'm trying to make a post, from an asp classic server side page, using the user credentials...</p> <p>I'm using msxml2.ServerXMLHTTP to programatically make the post</p> <p>I've tried with several configurations in the IIS 5.1 site, but there's no way I can make IIS run with a specified account...</p> <p>I made a little asp page that runs whoami to verify what account the iis process i using...</p> <p>with IIS 5.1, using integrated security the process uses:</p> <p>my_machine\IWAM_my_machine</p> <p>I disable integrated security, and leave a domain account as anonymous access, and I get the same (¿?)</p> <p>to test the user I do the following</p> <pre><code> private function whoami() dim shell, cmd set shell = createObject("wscript.shell") set cmd = shell.exec( server.mapPath( "whoami.exe" ) ) whoami = cmd.stdOut.readAll() set shell = nothing: set cmd = nothing end function </code></pre> <p>is it because I'm issuing a shell command?</p> <p>I'd like to make http post calls, to another site that works with integrated security...</p> <p>So I need some way to pass the credentials, or at least to run with a specified account, and then configure the remote site to thrust that account...</p> <p>I thought that just setting the site to work with integrated security would be enough...</p> <p>How can I achieve such a thing?</p> <p>ps: with IIS6,happens the same but if I change the pool canfiguration I get the following info from whoami</p> <p>NT AUTHORITY\NETWORK SERVICE </p> <p>NT AUTHORITY\LOCAL SERVICE</p> <p>NT AUTHORITY\SYSTEM </p> <p>if I set a domain account, I get a "service unavailable" message...</p> <p>edit: found this</p> <p><a href="http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/275269ee-1b9f-4869-8d72-c9006b5bd659.mspx?mfr=true" rel="nofollow noreferrer">http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/275269ee-1b9f-4869-8d72-c9006b5bd659.mspx?mfr=true</a></p> <p>it says what I supossed, "If an authenticated user makes a request, the thread token is based on the authenticated account of the user", but somehow I doesn't seem to work like that... what could I possibly be missing?</p> <p>edit:</p> <p>well the whoami thing is obviously fooling me, I tried with the following function</p> <p><pre><code> private function whoami_db( serverName, dbName ) dim conn, data</p> <pre><code>set conn = server.createObject("adodb.connection") conn.open "Provider=SQLOLEDB.1;Integrated Security=SSPI;" & _ "Initial Catalog=" & dbName & ";Data Source=" & serverName set data = conn.execute( "select suser_sname() as user_name" ) whoami_db = data("user_name") data.close: conn.close set data = nothing: set conn = nothing </code></pre> <p>end function </pre></code></p> <p>and everything seemed to be working fine... </p> <p>but how can I make msxml2.ServerXMLHTTP work with the user credentials???</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload