Microsoft KB Archive/927672

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 10:25, 21 July 2020 by X010 (talk | contribs) (Text replacement - ">" to ">")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base


Server activation fails when you use a SOAP WSDL moniker to activate a COM+ SOAP-enabled server on a computer that is running Windows Vista

Article ID: 927672

Article Last Modified on 4/25/2007


APPLIES TO

  • Windows Vista Enterprise
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Ultimate
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Home Premium
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Home Basic
  • Windows Vista Home Basic 64-bit Edition


SYMPTOMS

When a client computer uses a SOAP Web Services Description Language (WSDL) moniker to activate a COM+ SOAP-enabled server on a computer that is running Windows Vista, server activation fails. Additionally, you receive an error page that resembles the following:

HTTP Error 404.11 - Not Found

Description: The request filtering module is configured to deny a request that contains a double escape sequence.

Error Code: 0x00000000

Notification: BeginRequest

Module: RequestFilteringModule

Requested URL: <RequestedURL>

Physical Path: <PhysicalPath>

Logon User: Not yet determined

Logon Method: Not yet determined

Handler: HttpRemotingHandlerFactory-rem-Integrated

Most likely causes:

The request contained a double escape sequence and request filtering is configured on the Web server to deny double escape sequences.
What you can try:

Verify the configuration/system.webServer/security/requestFiltering@allowDoubleEscaping setting in the applicationhost.config or web.confg file.

More Information... This is a security feature. Do not change this feature unless the scope of the change is fully understood. You should take a network trace before changing this value to confirm that the request is not malicious. If double escape sequences are allowed by the server, modify the configuration/system.webServer/security/requestFiltering@allowDoubleEscaping setting. This could be caused by a malformed URL sent to the server by a malicious user.




Server Version Information: Internet Information Services 7.0.

CAUSE

This problem is not a COM+ SOAP service-specific problem. This problem occurs because of a Microsoft Internet Information Services (IIS) 7.0 security enhancement in Windows Vista. When a client computer activates a COM+ SOAP-enabled server, .NET Framework remoting generates a URL. However, the URL that .NET Framework remoting generates contains a double escape sequence. By default, IIS 7.0 rejects URLs that contain a double escape sequence. Therefore, IIS 7.0 denies the request with a 404.11 (not found) error message, and the server activation fails.

Note URLs that contain a double escape sequence work in earlier versions of IIS.

WORKAROUND

To work around this problem, follow these steps:

  1. Locate the following directory:

    %windir%\System32\inetsrv\config

  2. Open the applicationHost.config file in a text editor such as Notepad.

  3. In the applicationHost.config file, locate the following code:

    <section name="requestFiltering" overrideModeDefault="Deny" />

  4. Replace the code that you found in step 3 with the following code:

    <section name="requestFiltering" overrideModeDefault="Allow"/>
  5. Locate the following diretory:

    %windi%\System32\com

  6. Double-click the directory of the SOAP-enabled server that you want to activate.
  7. Open the web.config file in a text editor such as Notepad.

  8. In the web.config file, locate the following code:

    </configuration>

  9. Replace the code that you found in step 8 with the following code:

      <system.webServer>
        <security>
            <requestFiltering allowDoubleEscaping="True"/>
        </security>
    </system.webServer>
</configuration>


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

REFERENCES

For more information about .NET Framework remoting, visit the following Microsoft Developer Network Web site:

http://msdn2.microsoft.com/en-us/library/kwdt6w2k(vs.71).aspx



Additional query words: IIS COM+ SOAP .NET Remoting 404.11

Keywords: kbtshoot kbcode kbbug kbprb KB927672



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/927672&oldid=336614
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki