Allowing Web Applications to Coexist with Windows SharePoint Services 2.0

SharePoint 2003

Updated: 08-22-2005

You can install Microsoft Windows SharePoint Services on a server or server farm that is running other Web applications such as Outlook Web Access for Microsoft Exchange Server. Installing Windows SharePoint Services adds a filter that intercepts all HTTP requests, effectively blocking access to other applications. Windows SharePoint Services allows you to manage which paths are controlled by Windows SharePoint Services and which paths are managed by other applications. SharePoint Central Administration allows you to exclude the paths controlled by the other Web applications from the paths that Windows SharePoint Services controls.


Windows SharePoint Services SP2 no longer changes the default authentication to NTLM for the application pool security account. You now may use either Kerberos authentication or NTLM for the security account. For more information, see What's New in Windows SharePoint Services 2.0 Service Pack 2.

When you extend a virtual server by using Windows SharePoint Services, Windows SharePoint Services automatically intercepts all requests to access that virtual server. If the virtual server also hosts one or more Web applications that are independent of Windows SharePoint Services, the requests sent to these Web applications will not get through.

To solve this problem, you must configure an excluded path for the virtual server on the server that is running Windows SharePoint Services. The excluded path tells the server that is running Windows SharePoint Services not to intercept the request to access the virtual server and to let Microsoft Internet Information Services (IIS) handle the request instead.

Create an excluded path for a virtual server

  1. On the Start menu, point to Administrative Tools, and then click SharePoint Central Administration.

  2. In the Virtual Server Configuration section, click Configure virtual server settings.

  3. On the Virtual Server List page, click the virtual server that you want to create the excluded paths for.

  4. In the Virtual Server Management section, click Define managed paths.

  5. In the Add a New Path section, type the path that you want to exclude in the Path box.

  6. Click Excluded Path, and then click OK.

In some situations, you must do more than just create the excluded path. Some Web applications might require that you change the Web.config file for the server that is running Windows SharePoint Services. Consult the documentation for the Web application; if there is nothing in the documentation about the Web.config file, try creating the excluded path first. If you get an error message such as "HTTP 404 - Page cannot be found" or "A Web Part on this Smartpage cannot be displayed because it is not registered on this site as a safe Web Part," change the Web.config file. If your Web application still does not work, contact Microsoft Support.

Change the Web.config file

  1. On the server that is hosting the Web page that you want to configure, locate the path that you excluded earlier. The path will be similar to the following:


  2. Save a backup copy of the Web.config file as Web2.config.

  3. Copy the code provided at the end of this topic.

  4. Open the Web.config file. Locate the <system.web>; tag, and then paste the code you copied after it.

  5. Save the Web.config file.

  6. Install the HTTP module from the Microsoft Knowledge Base article How to enable an ASP.NET application to run on a SharePoint virtual server (

    After you install the module, include a reference to the module in the Web.config file for your ASP.NET application that resides under an excluded path of the Windows SharePoint Services virtual server.


    You do not have to include a reference to the module in the Web.config file that Windows SharePoint Services uses at the root of the virtual server.

    In the Web.config file, locate the entries under <httpModules> in the <system.web> section, and then add the following code after the last entry:

    <add name="ValidatePathModule" 
     type="Microsoft.Web.ValidatePathModule, Microsoft.Web.ValidatePathModule, 
     Version=, Culture=neutral, PublicKeyToken=eba19824f86fdadd"/>
  7. Save the Web.config file.

Information in this topic was derived from the Microsoft Knowledge Base article How to enable an ASP.NET application to run on a SharePoint virtual server ( Refer to that article for the latest information about troubleshooting issues with ASP.NET Web applications and Windows SharePoint Services. For more information about excluded paths in Windows SharePoint Services, see Managing Paths (Windows SharePoint Services 2.0).

Begin copying the code at the next line of text.

<!-- Set up the PageHandlerFactory to process all requests. 
 This will override the SharePoint HTTPHandler. -->

<add verb="*" path="*.aspx" 
 type="System.Web.UI.PageHandlerFactory, System.Web, Version=1.0.5000.0, 
 Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />

Set the trust back to Full. Windows SharePoint Services 
 configures a very restrictive trust policy that does not 
 allow most applications to run correctly.

<trust level="Full" originUrl="" />

  Enable the modules that you must have for your program to run.
  If you receive the following message:
  Parser Error Message: The module '<moduleName>’ is already in the 
  program and cannot be added again
  You can remove the modules that are mentioned in the error message. 
  The SharePoint web.config already includes the module for OutputCache 
  and WindowsAuthentication so you do not have to add them here.

   <add name="Session" 
   <add name="FormsAuthentication" 
   <add name="PassportAuthentication" 
   <add name="UrlAuthorization" 
   <add name="FileAuthorization" 

<!-- Enable Session for the pages -->

<pages enableSessionState="true" enableViewState="true" 
 enableViewStateMac="true" validateRequest="false" />