User authentication with MSXML object

Hi,


I'm using the MSXML object in some VBA code to retrieve data and load it into Excel 97. Excel is being run form within IE5 by redirecting to https://hostname/aa/bbb/file1.xls

The source of the data being called by the Excel VBA code is on a secure server so I need the call to be authenticated. The web server is not an IIS server.

The code used is bascially:

Set LoadXML = CreateObject("MSXML.DOMDocument")
LoadXML.async = False
LoadXML.Load ("https://hostname/file.xml")

The Load method is failing because it is either trying to parse the authentication screen or if I use a modal dialog login then it fails with Access is Denied.

The user will already have authenticated on the server to get to that point. So why is the MSXML object not using the users current IE5 authenticated session ?


No each call is going to be unique. I cannot use a call similar to setProxyCredentials() as I won't know a specific username and password - these should come form the IE5 session.


Any ideas ?



Many thanks,

Alex


Alex_GouldAsked:
Who is Participating?
 
b1xml2Connect With a Mentor Commented:
Alex, there can be an on-demand web-based installation of MSXML3 SP1. This is useful both for the Internet as well as the Intranet. That way, you really don't have to slave and force install on ALL boxes. =)
0
 
b1xml2Commented:
Firstly, you shd be using the latest parsers: MSXML3/4. The older parsers cannot use HTTPS whatsoever...

Progid for DOMDocument30
"Msxml2.DOMDocument.3.0"

Progid for DOMDocument40
"Msxml2.DOMDocument.4.0"

Basically, you are creating a new session regardless of current session when you specify the full URL. Secondly, because it is within excel, even if Excel is instantiated from within Internet Explorer, you will be having a new session, whether you like it or not.

It is a pain trying to connect using HTTPS as the Parser does not support cross protocols:

1. From HTTP to HTTPS.
2. From HTTPS to HTTP.
3. From an ActiveX Container to HTTPS.

Furthermore, it is only with MSXML3 SP1+ that SSL client certificates are supported but the way to install it can be pretty convoluted.

The call to the file MUST originate from a web page within the SSL DOMAIN (in other words HTTPS)

Hence, this will work within a web page on the web app
<script language="vbscript">
Set LoadXML = CreateObject("MSXML.DOMDocument")
LoadXML.async = False
LoadXML.Load ("file.xml")
</script>

Support for authentication for the XML Parser takes the form of BASIC AUTHENTICATION and that means it is really not secure: cleaar text.

What I suggest is the following:

1. Use a web page that embeds the EXCEL document
2. Have client-side scripts load the XML document
3. Pass the data to the Embedded OBJECT.

It is not a problem is the web server is NOT IIS.



0
 
Alex_GouldAuthor Commented:
Thanks very much for your comprehensive answer.

Sorry for the delay.

I am checking all these cases and will get back to you shortly.


Ideally, I didn't want to have to install any 3rd party s/w, drivers, parsers, etc.

If I have to (and it seems like we will) then so be it.



Thanks,

Alex
0
 
Alex_GouldAuthor Commented:
Thanks again for the pointers.

Whilst this isn't a solution - it's now clear to me that there isn't going to be one.

Well, at least, not as easy as I was hoping.

You've given me enough information to build on.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.