Configuring the Web Server Registry

After you have created a configuration for your Web Server device, you need to modify the registry to create virtual root directories and specify the access rights for your users. To gain access to a virtual path, a user must be authenticated using NTLM authentication or Basic authentication. Specify the authentication level by setting the "a" value for each virtual path. For more information, about authentication levels, see Web Server Authentication.

Note   To configure user access rights for virtual roots using Basic and NTLM authentication, you must use Windows CE .NET 4.2 or later.

1. On PBCLIENT, in Platform Builder, from the Workspace window, choose the ParameterView tab at the bottom of the window. In the project tree, expand the Project Files node, and double-click the project.reg file.

2. Expand the nodes until you find the CEPC folder.

3. Expand the CEPC folder, and then expand the Project Specific Files folder.

4. To open the file, double click project.reg.

5. To create virtual roots, set up access rights for your users, and include the sample Web-based configuration page (httpadm.dll) in your image, add the following registry keys and values to project.reg:

   HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\/WebAdmin]
   @="\\windows\\httpdadm.dll"
   "a"=dword:0
   

   Note   Setting the "a" value to zero (0), enables anonymous users to have access to all files in the virtual directory. This completely opens the device up to hackers. Setting this value to zero (0) is permissible for internal development and testing purposes. However, you should never ship a Web server device with the "a" value set to zero (0) for any configuration page.

   [HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\/BasicOnly]
   @="\\"
   "a"=dword:1
   "Basic"=dword:1
   "NTLM"=dword:0
   [HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\/NTLMOnly]
   @="\\"
   "a"=dword:1
   "Basic"=dword:0
   "NTLM"=dword:1
   [HKEY_LOCAL_MACHINE\COMM\HTTPD\VROOTS\/BothAuth]
   @="\\"
   "a"=dword:1
   "Basic"=dword:1
   "NTLM"=dword:1
   

   Adding these values will create virtual root directories for the Basic and NTLM-based authentication methods.

   Note   To set the password for the entire Web server device for Basic authentication, you can create a configuration application that runs on the device, and calls the SetPassword function. Setting the password programmatically through SetPassword is the equivalent of the device password setting that you add in Control Panel. To view an example of an ISAPI that uses SetPassword to configure the device's password, see the code sample that is located in the %_WINCEROOT%\public\servers\sdk\samples\natadmin directory.

6. From the Build menu, choose Build Platform.

   The build process will take several minutes.

See Also

How to Configure the Web Server | Web Server Authentication and Permissions | Web Server Authentication | Web Server Access Rights | Web Server Security | Authentication Services | ISAPI Extensions, Filters, and Script Mapping

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.