The request failed with HTTP status 403: Forbidden.

ASMX Web Services and XML Serialization

Luis Esteban Valencia Muñoz

Hello I got a webservice that works fine on my machine windows xp with sp2 and iis5, when I move it to the production server I got this error.

Both on development machine and testing machine has anonymous authetnication turned on and alo windows integrated authentication.

The request failed with HTTP status 403: Forbidden.

Ws.WSKepler ws;

#region Singleton

private Delegados()

{

ws = new WSKepler();

ws.UseDefaultCredentials = true;

Localizator objLocalizator = Localizator.GetInstance();

ws.Url = Localizator.WebServiceUrl;

//ws.Credentials = System.Net.CredentialCache.DefaultCredentials;

UsernameClientAssertion assert = new UsernameClientAssertion("admin", "nimda");

// create policy

Policy policy = new Policy();

policy.Assertions.Add(assert);

// and set it to web service

ws.SetPolicy(policy);

}

This is the web.config

xml version="1.0" >

<!--

Note: As an alternative to hand editing this file you can use the

web admin tool to configure settings for your application. Use

the Website->Asp.Net Configuration option in Visual Studio.

A full list of settings and comments can be found in

machine.config.comments usually located in

\Windows\Microsoft.Net\Framework\v2.x\Config

-->

<configuration>

<configSections>

<!-- Register WSE config section -->

<section name="microsoft.web.services3" type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>

</configSections>

<appSettings/>

<connectionStrings/>

<system.web>

<!--

Set compilation debug="true" to insert debugging

symbols into the compiled page. Because this

affects performance, set this value to true only

during development.

-->

<compilation debug="true">

<assemblies>

<add assembly="Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>

<add assembly="System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>

<add assembly="System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>

<add assembly="System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>

<add assembly="System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>

<add assembly="System.Security, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>

<add assembly="System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>

<add assembly="System.Configuration.Install, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/></assemblies></compilation>

<!--

The <authentication> section enables configuration

of the security authentication mode used by

ASP.NET to identify an incoming user.

-->

<authentication mode="None"/>

<!--

The <customErrors> section enables configuration

of what to do if/when an unhandled error occurs

during the execution of a request. Specifically,

it enables developers to configure html error pages

to be displayed in place of a error stack trace.

<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">

<error statusCode="403" redirect="NoAccess.htm" />

<error statusCode="404" redirect="FileNotFound.htm" />

</customErrors>

-->

<webServices>

<!-- Don't forget to disabled GET, POST protocols for web services -->

<protocols>

<remove name="HttpPost"/>

<remove name="HttpGet"/>

</protocols>

<!-- Enable WSE 3.0 -->

<soapServerProtocolFactory type="Microsoft.Web.Services3.WseProtocolFactory, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>

</webServices>

<trust level="Full"/>

</system.web>

<microsoft.web.services3>

<diagnostics>

<trace enabled="true" input="InputTrace.webinfo" output="OutputTrace.webinfo"/>

</diagnostics>

<security>

<securityTokenManager>

<!-- Register our custom Username token manager -->

<add type="LibUserNameAssertion.ServiceUsernameTokenManager, LibUserNameAssertion" namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" localName="UsernameToken"/>

</securityTokenManager>

</security>

<policy fileName="wse3policyCache.config"/>

</microsoft.web.services3>

</configuration>



Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Daniel Roth

Are both the production server and the development server on the same domain

Daniel Roth





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Luis Esteban Valencia Munoz

Yes they are!



Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Binoj Rajan

Two possible simple reason from my understanding

1. If this particular webservice is not deployed by you to production, check whether you have access to production servers.

2. If you are having access then check the "Execute Permissions" of the webservice in the virtual directory. If it is set to "None", then change it to "Scripts Only" or "Scripts and Executables".

Thanks,

- BINOJ





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Luis Esteban Valencia Munoz

It already has execute permissions on the virtual directory.

If I navigate in the browser to the URL of the webservice it works fine! so isnt it a problem on the code





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Pablo Cibraro

Hi,

Did you check the eventlog for any error in WSE .

Regards,

Pablo.





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Luis Esteban Valencia Munoz

Its an error on Internet explorer configuration, by default it has no proxy configured, so it doesnt work, after I setup the proxy it works, the strange thing is that I am on an intranet so it should not use the proxy.

Anyway I checked the checkbox that says, dont use proxy on local connections.


After it it works, the problem is how can I detect that at runtime on code





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Luis Esteban Valencia Munoz

I found the problem, its an ie proxy problem.

Its disabled by deffault, If I enable proxy then the winform that consumes the ws works fine, If I disable the proxy on IE7 it doesnt work.

How can I detect that at runtiime





Top

Re: ASMX Web Services and XML Serialization The request failed with HTTP status 403: Forbidden.

Daniel Roth

By default, web service proxies will use the same proxy settings as used by IE. You can get access to the IWebProxy implementation that will be used by default by accessing the System.Net.GlobalProxySelection.Select property. You can override the proxy settings for your web service proxy by setting the Proxy property.

Daniel Roth





Top