Again, by looking at the the policies defined within the default application optimisers of Microsoft Intelligent Application Gateway 2007 (which are supported) it is possible to determine that the following HTTP methods allow list should be sufficient for correct MOSS 2007 operation:
- PROPFIND
- OPTIONS
- HEAD
- POST
- GET
Based upon the parameters defined in the above allow list, it is therefore possible to define a HTTPFilterConfig XML policy as follows:
MOSS HTTP Filter XML Policy
<Configuration BlockExecutables="false" ViaHeaderAction="0" NewViaHeaderValue="" ServerHeaderAction="0" NewServerHeaderValue="" MaxRequestBodyLen="-1"><UrlValidation NormalizeBeforeScan="true" VerifyNormalization="false" AllowHighBitCharacters="true" BlockDotInPath="false" MaxLength="10240" MaxQueryLength="10240"><Extensions AllowCondition="0"></Extensions></UrlValidation><Verbs AllowCondition="1">tion=""/><Verb Value="PROPFIND" Description=""/><Verb Value="OPTIONS" Description=""/><Verb Value="HEAD" Description=""/><Verb Value="POST" Description=""/><Verb Value="GET" Description=""/></Verbs><RequestHeaders/><ResponseHeaders/><DeniedSignatures></DeniedSignatures></Configuration>
You simply need to copy and paste the above text into notepad and save the file as MOSS2007Policy.xml or something similarly descriptive.
Once applied (using the same HTTPFilterConfig.vbs script as described previously) the HTTP filter configuration can be viewed by right-clicking on the respective firewall policy rule defined during the HTTPFilterConfig import and selecting the Configure HTTP option. If imported correctly, you should see the following:
HTTP Methods for MOSS 2007
Keep posted for further articles on troubleshooting the HTTP Filter, once it has been configured...
0 comments:
Post a Comment