Hi Mark, Thanks for the thoughts. I checked web.config and it does not have the requestFiltering section.
Cheers, Xiaofeng On Tue, Nov 17, 2015 at 1:33 PM, Mark King <[email protected]> wrote: > Is it possible IIS is blocking requests from unknown user agents? > > > > See > http://www.dantor.com/support/misc/web-config-requestFiltering-user-agent.aspx > > > > I doubt that is it but it is worth a look maybe. > > > > Also what happens if you give the app pool identity full control in IIS > (temporarily to check if it works)? > > > > > > *From:* [email protected] [mailto:[email protected]] *On > Behalf Of *Charlie Arehart > *Sent:* Tuesday, 17 November 2015 12:12 PM > *To:* [email protected] > *Subject:* RE: [cfaussie] CF11 Scheduled Task Not Running - 401 > Unauthorized > > > > Well, I have four thoughts for you to consider: > > A) Focusing on it first as a scheduled task in CF, if the request works > from a browser (including one like an incognito window) and yet it does not > work in the scheduled task mechanism—for the exact same URL—then I would > think there should be no problem with IIS. If there were, the request from > the browser wouldn’t work. > > And CF would not itself cause the request to act differently in requesting > the URL than the browser would—other than not being able to do Windows > auth, which you’ve proven with the incognito window is not the problem. > > As such, I don’t know what is making that fail. > > B) As for the rest of your note, well, you can add authentication info in > the app pool (in its advanced settings page), as well as at the site level > (in its advanced settings page). Again, though, if the request works from a > browser, then I’d not think you have a problem in IIS. > > I’ll just say that one can get lost in the weeds of permissions in IIS, at > the app pool, site, and folder levels. If you’re needing to do all that > sort of tweaking just in order for things to work, it could be sticky > finding a solution. (But gain, if it works in a browser, then I’d not see > how any such permissions issues would change how the EXACT SAME URL works > from CF.) > > C) Actually, I just had a thought: when you say you are running the URL in > a browser, are you running that browser on the same machine where CF is > running? If not, beware that you may have a DNS or other issue, where the > domain in the URL may resolve differently from your workstation to the > destination server, than it may from the CF server to itself. (I’m assuming > that the scheduled task URL is a CFM page running on your own server, since > you’re looking at IIS with regard to it.) > > If you try the URL from a browser on the server running CF, is it the same > issue? And in an incognito or private window? > > D) If that’s not it, one more thought (which I’ve seen work before) would > be to try creating a new site (and a new app pool) and seeing if you (in a > browser) and then CF (as a sched task) could access the URL. You may need > to come up with a new IP, domain name, or port to use for the bindings to > distinguish it from the existing site. If it then worked, then you could > consider how this new site and app pool may differ from the failing one, if > perhaps you or someone else has been doing some tinkering with settings. > > If that’s not helpful, I’m afraid I’m out of ideas for now. > > /charlie > > > > *From:* [email protected] [mailto:[email protected] > <[email protected]>] *On Behalf Of *Xiaofeng Liu > *Sent:* Monday, November 16, 2015 5:45 PM > *To:* [email protected] > *Subject:* Re: [cfaussie] CF11 Scheduled Task Not Running - 401 > Unauthorized > > > > Hi Charlie, > > > > Thanks for offering the tips of testing from "incognito and private > window". I tried both and both of them did not prompt me for > authentication. So I am able to run the scheduled task even from there > without problem. > > > > Back to IIS, from the Basic Settings I can see the site is using > "Pass-through authentication" - ApplicationPoolIdentity. Basically I got > "Anonymous Authentication" turned on already. I also noticed that there is > an warning (exclamation mark) for Authorization which says "Cannot verify > access to path - [webroot of the site]". > > <snip> > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/cfaussie. > For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/cfaussie. > For more options, visit https://groups.google.com/d/optout. > -- Best regards, Xiaofeng,^_^ -- You received this message because you are subscribed to the Google Groups "cfaussie" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cfaussie. For more options, visit https://groups.google.com/d/optout.
