Ask a Question related to ASP.NET Security, Design and Development.
-
aaapaul #1
Authentication IIS / ASP.NET - Problem
1) I have an intranet .
<Directory>Intranet
with <Subdirctory>admin
and <Subdirctory>database with an accessdatabase (data.mdb)
I have 2 NT-Groups
a) NT-Group "read" can read data in all directories
b) NT-Group "change" can read and write data in all directories
Only the group "change" should be allowed to change data in data.mdb
The files for changing data are in the <subdirctory>admin
2) I am only using Windows-Authentication in IIS
3) In ASP.NET I use authentication mode="Windows"
This is my web.config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<appSettings>
<add key="ConnectionString1"
value="Provider=Microsoft.Jet.OLEDB.4.0;" />
<add key="ConnectionString2" value="_datenbank/daten.mdb" />
</appSettings>
<system.web>
<compilation defaultLanguage="vb" debug="true" />
<customErrors mode="Off" />
<authentication mode="Windows" />
</system.web>
</configuration>
With this configuration I thought only the group "change" can change
date in the Access-database, but other users from the group "read" can
change Data too !
Why? Do you have any solution ?
Thanks
aaapaul
P.S.: Is it a problem with the user ASPNET ? Does he access the
database - Had I to change the connectionstring ? - Integrated
Security = sspi etc. ?
aaapaul Guest
-
Authentication problem
I have the following web method: <WebMethod()> _ Public Function Test_CurrentCredentials() As String() Dim tmpArr(2) As String tmpArr(0) =... -
web.config and authentication problem.
Hello there! I have developed a .net web application. In which I am having some .aspx files and a web.config file. All the files are in same... -
http authentication problem
if ((!isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))) { header( 'WWW-Authenticate: Basic realm="Private"' ); header( 'HTTP/1.0 401... -
Problem with Forms Authentication
I have an application using FormsAuthentication that does not persist the authentication cookie beyond the session so each time a user starts a... -
What problem is this (regarding Authentication Mode)?
Server Error in '/' Application. ---------------------------------------------------------------------------- ---- Configuration Error... -
AlKa #2 Re: Authentication IIS / ASP.NET - Problem
This is probably because of ASP.NET impersonation.
The code which reads/writes data is actually run by aspnet_wp.exe which is
running as "ASPNET" or "SYSTEM" user. If impersonation is disabled (that is
the deafult and probably your case), the process will use its own
credentials to obtain access to the needed resources.
If impersonation is enabled, aspnet_wp uses the credentials of the user
which is impersonating to access resources.
To enable/disable impersonation, you only need to add an <identity /> tag
within the <system.web> tag of your web.config file. There are three
possible solutions:
1) <identity impersonate="false" > : the default
2) <identity impersonate="true" > : in this case the impersonated identity
is that of the logged remote user
3) <identity impersonate="true" userName="domain\goofy" password="minnie">:
in this case the impersonated identity is Goofy's!
So, try to use 2 and it shoul work fine.
Hi, Alessandro.
P.S: I hope my english will work ..
"aaapaul" <paul.kasparbauer@vit.linhardt.com> ha scritto nel messaggio
news:9de0b61f.0310310050.72e025ba@posting.google.c om........> 1) I have an intranet .
> <Directory>Intranet
> with <Subdirctory>admin
> and <Subdirctory>database with an accessdatabase (data.mdb)> P.S.: Is it a problem with the user ASPNET ? Does he access the
> database - Had I to change the connectionstring ? - Integrated
> Security = sspi etc. ?
AlKa Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
