IIS 7.5 REST - HTTP Error 403.0 - Forbidden: Access is denied - Any help will be greatly appreciated

itrade · 26 June 2015 08:03

The page i see testing the file - see bottom - is blank but I can trace the error:

Server Error in Application “…”
Internet Information Services 7.5
HTTP Error 403.0 - Forbidden: Access is denied.
Error Summary
You do not have permission to view this directory or page using the credentials that you supplied.
Detailed Error Information
Module
IIS Web Core

Notification
Unknown

Handler
PHP54_via_FastCGI

Error Code
0x00000000

Requested URL
http://…:80/service/v4_1/rest.php

Physical Path
C:\inetpub\wwwroot…\service\v4_1\rest.php

Logon Method
Not yet determined

Logon User
Not yet determined

File I test:

<?php $url = "http://.../service/v4_1/rest.php"; $username = "..."; $password = "..."; //function to make cURL request function call($method, $parameters, $url) { ob_start(); $curl_request = curl_init(); curl_setopt($curl_request, CURLOPT_URL, $url); curl_setopt($curl_request, CURLOPT_POST, 1); curl_setopt($curl_request, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); curl_setopt($curl_request, CURLOPT_HEADER, 1); curl_setopt($curl_request, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_request, CURLOPT_FOLLOWLOCATION, 0); $jsonEncodedData = json_encode($parameters); $post = array( "method" => $method, "input_type" => "JSON", "response_type" => "JSON", "rest_data" => $jsonEncodedData ); curl_setopt($curl_request, CURLOPT_POSTFIELDS, $post); $result = curl_exec($curl_request); curl_close($curl_request); $result = explode("\r\n\r\n", $result, 2); $response = json_decode($result[1]); ob_end_flush(); return $response; } //login ------------------------------ $login_parameters = array( "user_auth" => array( "user_name" => $username, "password" => md5($password), "version" => "1" ), "application_name" => "RestTest", "name_value_list" => array(), ); $login_result = call("login", $login_parameters, $url); echo "

";
    print_r($login_result);
    echo "

"; //get session id $session_id = $login_result->id; ?>

My web.config:

<?xml version="1.0" encoding="UTF-8"?>

My applicationHost.config:

…

    <sectionGroup name="system.webServer">
        <section name="asp" overrideModeDefault="Deny" />
        <section name="caching" overrideModeDefault="Allow" />
        <section name="cgi" overrideModeDefault="Deny" />
        <section name="defaultDocument" overrideModeDefault="Allow" />
        <section name="directoryBrowse" overrideModeDefault="Allow" />
        <section name="fastCgi" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
        <section name="globalModules" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
        <section name="handlers" overrideModeDefault="Deny" />
        <section name="httpCompression" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
        <section name="httpErrors" overrideModeDefault="Allow" />
        <section name="httpLogging" overrideModeDefault="Deny" />
        <section name="httpProtocol" overrideModeDefault="Allow" />
        <section name="httpRedirect" overrideModeDefault="Allow" />
        <section name="httpTracing" overrideModeDefault="Deny" />
        <section name="isapiFilters" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
        <section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
        <section name="odbcLogging" overrideModeDefault="Deny" />
        <sectionGroup name="security">
            <section name="access" overrideModeDefault="Deny" />
            <section name="applicationDependencies" overrideModeDefault="Deny" />
            <sectionGroup name="authentication">
                <section name="anonymousAuthentication" overrideModeDefault="Deny" />
                <section name="basicAuthentication" overrideModeDefault="Deny" />
                <section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
                <section name="digestAuthentication" overrideModeDefault="Deny" />
                <section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
                <section name="windowsAuthentication" overrideModeDefault="Deny" />
            </sectionGroup>
            <section name="authorization" overrideModeDefault="Allow" />
            <section name="ipSecurity" overrideModeDefault="Deny" />
            <section name="isapiCgiRestriction" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
            <section name="requestFiltering" overrideModeDefault="Allow" />
            <section name="dynamicIpSecurity" overrideModeDefault="Deny" />
        </sectionGroup>
        <section name="serverRuntime" overrideModeDefault="Deny" />
        <section name="serverSideInclude" overrideModeDefault="Deny" />
        <section name="staticContent" overrideModeDefault="Allow" />
        <sectionGroup name="tracing">
            <section name="traceFailedRequests" overrideModeDefault="Allow" />
            <section name="traceProviderDefinitions" overrideModeDefault="Deny" />
        </sectionGroup>
        <section name="urlCompression" overrideModeDefault="Allow" />
        <section name="validation" overrideModeDefault="Allow" />
        <sectionGroup name="webdav">
            <section name="globalSettings" overrideModeDefault="Deny" />
            <section name="authoring" overrideModeDefault="Deny" />
            <section name="authoringRules" overrideModeDefault="Deny" />
        </sectionGroup>
        <sectionGroup name="rewrite">
            <section name="rules" overrideModeDefault="Allow" />
            <section name="globalRules" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
            <section name="outboundRules" overrideModeDefault="Allow" />
            <section name="providers" overrideModeDefault="Allow" />
            <section name="rewriteMaps" overrideModeDefault="Allow" />
            <section name="allowedServerVariables" overrideModeDefault="Deny" />
        </sectionGroup>
        <section name="system.management.wsmanagement.config" overrideModeDefault="Allow" />
        <sectionGroup name="externalCache">
            <section name="diskCache" overrideModeDefault="Allow" />
        </sectionGroup>
        <section name="applicationInitialization" overrideModeDefault="Allow" allowDefinition="MachineToApplication" />
        <section name="httpWarmupGlobalSettings" overrideModeDefault="Deny" allowDefinition="MachineToApplication" />
        <sectionGroup name="wdeploy">
            <section name="backup" overrideModeDefault="Deny" allowDefinition="MachineToApplication" />
        </sectionGroup>
    </sectionGroup>
    <sectionGroup name="system.ftpServer">
        <section name="log" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
        <section name="firewallSupport" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
        <section name="caching" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
        <section name="providerDefinitions" overrideModeDefault="Deny" />
        <sectionGroup name="security">
            <section name="ipSecurity" overrideModeDefault="Deny" />
            <section name="requestFiltering" overrideModeDefault="Deny" />
            <section name="authorization" overrideModeDefault="Deny" />
        </sectionGroup>
        <section name="serverRuntime" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
    </sectionGroup>
    <section name="webFarms" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
</configSections>

…

…

<system.webServer>

</system.webServer>

…

IIS AppPool has near full traverse control over all directories and files.

Any help will be greatly appreciated

FG

itrade · 27 June 2015 13:36

Installed on a new IIS host and no problem with REST.