msxml4.dll error 80070005 Access denied

Hi all

I've tried the Microsoft news groups, no help. Hoping someone here can help me out. Our XML guy has written some code. The is a line of code as follows:

oXMLServerHTTP.Send( strXML )

When anyone tried to load this document they get the following error:

msxml4.dll error '80070005'

Access is denied.

It's pretty damn beat. Anyone have any idea why this would be happening?

The offending document looks like this:

<%@LANGUAGE="VBSCRIPT" %>
<%Option Explicit %>
<!-- #include file="../_egames.inc" -->
<!-- #include file="./_shipping.inc" -->

<%'*** Code sample below will attempt to retrieve shipping quote from UPSonline
'*** The package weighs 4.0 lbs.
'*** The package will be shipped from ZIP code 17603 (Lancaster) to 19138 (Philadelphia)


Dim strSZip, strSCity, strSCountry, fWeightTotal
strSZip = "19138"
strSCity = "Philadelphia"
strSCountry = "US"
fWeightTotal= 4.0


Call ShippingOptionsPullDown( strSZip, strSCity, strSCountry, fWeightTotal ) %>

See if this helps:
http://support.microsoft.com/defaul...&NoWebContent=1

You must have MSXML4 SP2 installed. Read the release notes; toward the end it explains your problem (see also below). Note that I haven't figured out how to fix it on Win2K, but the "Resultant Set of Policy Wizard" (MMC Snapin) appears to be the solution for XP and 2K3.

<exerpt>
Security tightened when posting data using the ServerXmlHttp object
Security in the implementation of the MSXML 4.0 SP2 ServerXmlHttp object has been enhanced to check the Internet Explorer security policy setting for submitting non-encrypted form data. A security policy setting of "Disable" or "Prompt" for the "Submit nonencrypted form data" option will result in an "Access Denied" error message when attempting to post form data using the ServerXmlHttp object. This is a change that can potentially break existing code that uses earlier versions of the ServerXmlHttp object (such as prior released versions of both MSXML 3.0 and MSXML 4.0) to post form data when the Internet Explorer security policy setting for submitting non-encrypted form data is not enabled.
</exerpt>

Hi - I am having the same problem. Haven't solved it yet because I have followed the instructions and am still getting the same "Access Denied" message - even when posting to an HTTPS page.

Anyway, I think the following info might help you to implement the advice from the post above in Win2K (which doesn't seem to have the "Resultant Set of Policy" wizard.

1.From the Start menu, click Run, type "mmc" and then press ENTER.
2. From the File menu, select Add/Remove Snap-In.
3. In Add/Remove Snap-In, click Add.
4. Add the "Group Policy" snap-in to the Console Root.
5. Select Local Computer Policy -> User Configuration -> Windows Settings -> Internet Explorer Maintenance -> Security
6. Click on "Security Zones and Content Ratings"
7. For "Security Zones and Privacy", select the "Import..." radio button and click "Modify Settings"
8. Set "Submit nonencrypted form data" to "Enable"

I have for the mment the same problem ;
All hints found does not give results ...

But I save my file to a Floppy-Diskette ; which has no security and the copies on the harddisk when needed.

'OPEN FILE
Set xml_data = Server.CreateObject("Microsoft.XMLDOM")
' with msxml3.dll
Set xml_data = Server.CreateObject("Msxml2.DOMDocument.4.0")
' with msxml4.dll
'.. instructions to modify xml file below ..
' ..
' Write file to diskette
xml_data.save("a:file_to_save.xml")


Stupid ... but that's me ...

Enjoy,
Jan

For all of those who can't use the mmc, this registry hack will work on Win2k, XP and Win2k3.

Set these values in the registry to allow for non-encrypted data to be posted.

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only (Dword value) = 1
You may have to create CurrentVersion and Internet Settings folders

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601 (Dword value) = 0

This will allow you to use ServerXMLHTTP post with msxml4 sp2.

hope this helps

Thanks for this answer. This problem has been haunting me for days. When I pulled up the Security Zones and Content Ratings as described in the MSXML 4.0 SP2 Release Notes, all of the options were greyed out and I had no way to change them.

Thanks again,
drahmel

Had to use this before and again just now (thank God I found this again w/o too much trouble). I saved it into a .reg file for when I need it again

It certainly did help

Thanks very much for making the effort to post this fix. I have spent hours trying to figure out what the problem is.
We had to back out of a new server implementation last weekend because of this. Server was running Windows 2003 R2 SP2 and IIS 6 with all the latest patches.

I can't post the MS article about this cos I'm a new forum user but the item ID is 820882 and the title is Conformance and Security Changes in MSXML 4.0 SP2 (the link someone provided earlier no longer works).

The article provides the instructions on how to load the local Internet security policy and change the Submit nonencrypted form data setting but then points out that on a computer that is running Windows Server 2003 in Internet Information Services (IIS) 6.0 mode, changing this setting has no affect [sic]!

MS don't mention your registry hack and instead suggest these 3 workarounds:

Method 1: Run the specified Web sites, or virtual directories in a separate IIS pool ,and then create a user that the pool will run under.
Method 2: Create a new DLL, write code to do ServerXMLHTTP calls, and then host the DLL in COM+ under a new user.
Method 3: Use WinHTTP by changing the Prog ID from MSXML2.ServerXMLHTTP.4.0 to WinHTTP.WinHTTPRequest.5.1.

Here comes a good news!!
This have worked on this problem for a whole day and almost drove me nuts!! Thanks God I found the solution finally and here are some conclusions of mine:

1.Use "GET" method only
2.The server where you get XML document from must be on the internet without any authorization.

Hope this experience helps you!

By clearing the flag in Internet Explorer for that internet zone that prevents this POST (Access data sources across domains), it works.

1. In Internet Explorer, click Internet Options on the Tools menu.
2. On the Security tab, click Trusted sites, and then click Sites.
3. Add your site to the zone.
4. Click Custom Level.
5. Under Miscellaneous/Access data sources across domains, click Enable.