I have the following code that creates a serveride object of class xmlhttp. I am trying to connect to a site that requires basic authentication. I can get this to work with the code below.
What is the problem? Well, I am passing credentials using an open call. This alone is not enough. I also have to set the authorization header with a manually calculated base 64 encoding username: password. If I try to set the header without passing credentials to an open call, it fails. Call me crazy, but when I delegate authority to the open, all I have to do is. If I set a title, that’s all I need to do. Correctly? To do both it seems that something is wrong. Correctly?
Is this a bug or a failure?
Additional background: IIS 5 and ASP Classic The error received if one of the two elements is missing is the HTTP 401 state: "You do not have permission to view this page You do not have permission to view this directory or page using the credentials you provided, because your web browser is sending a WWW-Authenticate header field that the web server is not configured to accept. "
Since IIS makes a request, I cannot check it with Fiddler: - (
Set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
xmlhttp.setTimeouts 5000, 5000, 10000, 10000 'ms - resolve, connect, send, receive
xmlhttp.open "GET", "http://example.com/", False, "username", "password"
xmlhttp.setRequestHeader "Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ="
xmlhttp.send
source
share