Microsoft KB Archive/173742: Difference between revisions

From BetaArchive Wiki
m (Text replacement - ">" to ">")
m (Text replacement - """ to """)
Line 87: Line 87:
== RESOLUTION ==
== RESOLUTION ==


To fix this behavior, change the NTFS permissions on the Global.asa file to give the Anonymous Logon account -- as defined in the &quot;Internet Service Manager&quot; -- Read (RX) permissions. For instructions on setting file permissions, see Windows NT Help.<br />
To fix this behavior, change the NTFS permissions on the Global.asa file to give the Anonymous Logon account -- as defined in the "Internet Service Manager" -- Read (RX) permissions. For instructions on setting file permissions, see Windows NT Help.<br />
<br />
<br />


Line 108: Line 108:


<ol>
<ol>
<li>Create a new project in Visual InterDev. If you are not using Visual InterDev, create a new virtual root in the &quot;Internet Service Manager.&quot;</li>
<li>Create a new project in Visual InterDev. If you are not using Visual InterDev, create a new virtual root in the "Internet Service Manager."</li>
<li><p>Create a new .asp file and copy the following code into the file. Save the file. If you are not using Visual InterDev, copy the file to your virtual root folder.<br />
<li><p>Create a new .asp file and copy the following code into the file. Save the file. If you are not using Visual InterDev, copy the file to your virtual root folder.<br />
</p>
</p>
<pre class="codesample">  <%@ LANGUAGE=&quot;VBSCRIPT&quot; %>
<pre class="codesample">  <%@ LANGUAGE="VBSCRIPT" %>


   <HTML>
   <HTML>
   <HEAD>
   <HEAD>
   <META NAME=&quot;GENERATOR&quot; Content=&quot;Microsoft Visual InterDev 1.0&quot;>
   <META NAME="GENERATOR" Content="Microsoft Visual InterDev 1.0">
   <META HTTP-EQUIV=&quot;Content-Type&quot; content=&quot;text/html;
   <META HTTP-EQUIV="Content-Type" content="text/html;
     charset=iso-8859-1&quot;>
     charset=iso-8859-1">
   <TITLE>Document Title</TITLE>
   <TITLE>Document Title</TITLE>
   </HEAD>
   </HEAD>
   <BODY>
   <BODY>


   <%x=Session(&quot;session_var&quot;)
   <%x=Session("session_var")
   if x <>&quot;&quot; then
   if x <>"" then
       response.write &quot;Global.asa was executed.<br> Session_var=&quot;&amp;x
       response.write "Global.asa was executed.<br> Session_var="&amp;x
   else
   else
       response.write &quot;Global.asa was NOT executed.<br> Session_var=&quot;&amp;x
       response.write "Global.asa was NOT executed.<br> Session_var="&amp;x
   end if%>
   end if%>


   </BODY>
   </BODY>
   </HTML></pre></li>
   </HTML></pre></li>
<li><p>Copy the following code into your &quot;Global.asa&quot; file. Save the file. If you are not using Visual InterDev, create a new file named &quot;Global.asa.&quot; Copy and paste the following code into the file, and copy the file to the virtual root folder. Save the file.<br />
<li><p>Copy the following code into your "Global.asa" file. Save the file. If you are not using Visual InterDev, create a new file named "Global.asa." Copy and paste the following code into the file, and copy the file to the virtual root folder. Save the file.<br />
</p>
</p>
<pre class="codesample">  <SCRIPT LANGUAGE=&quot;VBScript&quot; RUNAT=&quot;Server&quot;>
<pre class="codesample">  <SCRIPT LANGUAGE="VBScript" RUNAT="Server">


   Sub Session_OnStart
   Sub Session_OnStart


       Session(&quot;session_var&quot;)=&quot;Hello&quot;
       Session("session_var")="Hello"


   End Sub
   End Sub

Revision as of 11:07, 21 July 2020

Article ID: 173742

Article Last Modified on 6/30/2006


APPLIES TO

  • Microsoft Active Server Pages 4.0
  • Microsoft Internet Information Server 4.0


This article was previously published under Q173742

We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SYMPTOMS

Session variables initialized in Global.asa's Session_onStart are empty when access to the Web requires authentication, even though the user has sufficient permissions to access the Web site. There are many possible error messages associated with this behavior; however, here's the most common:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Driver Manager] Data source name not found and no
default driver specified

/<web name>/<asp filename>.asp, line xx


NOTE: This problem applies only to Microsoft Internet Information Server 4.0 on Windows NT with NTFS. This does not apply to virtual roots hosted on an FAT partition

CAUSE

Active Server Pages (ASP) requires Anonymous access to Global.asa regardless of the authentication process.

RESOLUTION

To fix this behavior, change the NTFS permissions on the Global.asa file to give the Anonymous Logon account -- as defined in the "Internet Service Manager" -- Read (RX) permissions. For instructions on setting file permissions, see Windows NT Help.


STATUS

Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article.

This problem was corrected in Windows 2000.

MORE INFORMATION

Steps to reproduce the behavior

  1. Create a new project in Visual InterDev. If you are not using Visual InterDev, create a new virtual root in the "Internet Service Manager."

  2. Create a new .asp file and copy the following code into the file. Save the file. If you are not using Visual InterDev, copy the file to your virtual root folder.

       <%@ LANGUAGE="VBSCRIPT" %>

   <HTML>
   <HEAD>
   <META NAME="GENERATOR" Content="Microsoft Visual InterDev 1.0">
   <META HTTP-EQUIV="Content-Type" content="text/html;
    charset=iso-8859-1">
   <TITLE>Document Title</TITLE>
   </HEAD>
   <BODY>

   <%x=Session("session_var")
   if x <>"" then
      response.write "Global.asa was executed.<br> Session_var="&x
   else
      response.write "Global.asa was NOT executed.<br> Session_var="&x
   end if%>

   </BODY>
   </HTML>

  3. Copy the following code into your "Global.asa" file. Save the file. If you are not using Visual InterDev, create a new file named "Global.asa." Copy and paste the following code into the file, and copy the file to the virtual root folder. Save the file.

       <SCRIPT LANGUAGE="VBScript" RUNAT="Server">

   Sub Session_OnStart

      Session("session_var")="Hello"

   End Sub
   </SCRIPT>
  4. Restrict permissions on the Web. To do this, first explore out to your virtual root folder. Next, right-click the folder and click Properties from the Shortcut menu. Next, click the Security tab and click Permissions. From the Directory Permissions dialog box, remove Everyone (if present) and the Internet Guest Account from the Name list. Next, make sure the Replace Permissions on Existing Files check box is selected. Finally, click OK.
  5. Preview the file -- in a browser -- created in step 2. Result: The Web page does not display the value of the session variable initialized in Global.asa.


REFERENCES

For the latest Knowledge Base articles and other support information on Visual InterDev and Active Server Pages, see the following page on the Microsoft Technical Support site:

http://support.microsoft.com/search/default.aspx?qu=vinterdev


Keywords: kbbug kbfix kbaspobj kboswin2000fix kbiis500fix KB173742



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/173742&oldid=344850
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki