Issues regarding MSXML ServerXMLHttp object

Author: Lindgren Magnus, Teknikhuset AB.

Published: 2006-01-09

Applies to:

Content Studio - all versions

Type: Information

Symptoms

When you use the ServerXMLHTTP object to access a Content Studio website that is using Integrated Windows authentication you may receive errors like: "Access Denied", "Unauthorized" or "The server name or address could not be resolved."

Cause

MSXML depends on Microsoft Windows HTTP Services. If the WinHTTP proxy configuration settings that are required by the ServerXMLHTTP object have not been set or have been incorrectly set on the computer on which the ServerXMLHTTP code is being executed, the error occurs.

The proxy configuration utility sets the default authentication policy. Because you should not perform NTLM authentication with untrusted hosts, by default, NTLM authentication only occurs automatically with hosts on the proxy bypass list. If there is no proxy, you can still use ProxyCfg.exe to specify a bypass list of hosts that you trust to perform NTLM authentication. A proxy name is required when using ProxyCfg.exe for this purpose, but you can use any valid string in place of a real proxy name.

Resolution

To fix this issue, use Proxycfg.exe to configure the settings for the serverXMLHTTP object.
The utility is located in Windows system32 directory.
In the bypass list, add the address of the website that the serverXMLHTTP object is establishing
a connection to.

1. Open a command prompt on the Server.

2. Use one of the following syntax:

2a. If you are using a Proxy Server

        Type the Server name, port and bypass list(this parameter is enclosed with quotation marks).

        proxycfg -d -p Proxy1:80  "http://www.company.se"

2b. If you are not using a Proxy Server

        If you are not using a proxy server, you must specify a fake proxy and include a bypass list. The name
        of the fake proxy can be any name.

        proxycfg -d -p fake_proxy  "http://www.company.se"

NOTE:
For the bypass parameter you can specify a wildcard character (*) and you can separate multiple
bypass adresses by typing a semicolon (;) between adresses. Examples:

"*.company.se"
"*.company.se;*.company2.com"