No subject

Thu Aug 30 14:10:06 BST 2007

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to

server. That web server requires a challenge-response scheme such as "NTLM" 
or "Negotiate" for authentication.

A pseudo code listing of the script of the sequence follows:
    Set oXmlHttp = CreateObject("WinHttp.WinHttpRequest.5.1")
    oXmlHttp.Open "GET", "http://xxxxxxx", XmlHttp_Synchronous
    oXmlHttp.setRequestHeader "Content-Type", "text/xml; charset=utf-8"
    oXmlHttp.SetAutoLogonPolicy XmlHttp_AutoLogonPolicy_Always 
<--enables credentials

It does not appear that the SSPI acquired credentials are passed to the 
launched process in such a way that the WinHTTP interface and related 
security apparatus can use them.  The script communicates properly when I 
run the script interactively.  The script receives a 403/Forbidden within a 
CVSNT launched process.

Any suggestions?


1. Authentication in WinHTTP 
2. WinHttpRequestAutoLogonPolicy Enumeration 
3. SetAutoLogonPolicy Method of the IWinHttpRequest Interface 

More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook