Ask a Question related to ASP.NET Security, Design and Development.
-
MattC #1
IIS Not using anonymous impersonation
Hi,
I havea web app that has anonymous accesss enabled. I have specified that
IIS should have the credentials of a user in the active directory. This
user has rights to my SQL Server database.
In my web.config file I have impersonate=true set.
However when I try to access my website an error is produced. On checking my
error log it shows that it failed due to the fact that the user trying to
acccess the database has no rights. Instead of using the user specified in
IIS it seems IIS is using the domain and username of the client, not what I
want.
How do I get IIS to use the user specified in the Directory Security tab of
the web app's properties in IIS?
I have anonymous access ticked and Integrated authentication ticked (without
the second no access at all is allowed).
TIA
MattC
MattC Guest
-
anonymous surf
Hello, i'd like to create a website which could permit me to surf anonymously. As a result, when i will connect to my website it would browse... -
ASP.NET Anonymous Impersonation
Hi, When you impersonate with anonymous security what is suppose to happen (IIS5 platform). Is it the aspnet_wp.exe process runs under the... -
anonymous logon
I have aproblem. I develop my asp.net site at my pc (named PCMANOS)(running IIS) and I have the SQL Server at another pc (named ATHDC). I've... -
How do I log onto anonymous ftp ?
Hello I have logged onto ftps before, but never an anonymous one. I need to log into ftp://archive.progeny.com/ I can view the files with... -
anonymous classes
Hi, Could someone please explain to me the concept of an anonymous class? I'm talking about this construct: class << Foo ... end -
Paul Clement #2 Re: IIS Not using anonymous impersonation
On Tue, 4 Jan 2005 09:10:45 -0000, "MattC" <m@m.com> wrote:
¤ Hi,
¤
¤ I havea web app that has anonymous accesss enabled. I have specified that
¤ IIS should have the credentials of a user in the active directory. This
¤ user has rights to my SQL Server database.
¤
¤ In my web.config file I have impersonate=true set.
¤
¤ However when I try to access my website an error is produced. On checking my
¤ error log it shows that it failed due to the fact that the user trying to
¤ acccess the database has no rights. Instead of using the user specified in
¤ IIS it seems IIS is using the domain and username of the client, not what I
¤ want.
¤
¤ How do I get IIS to use the user specified in the Directory Security tab of
¤ the web app's properties in IIS?
¤
¤ I have anonymous access ticked and Integrated authentication ticked (without
¤ the second no access at all is allowed).
I think what's happening is that Integrated authentication is being used because Anonymous
authentication is being denied access to a resource. You need to set up NTFS file permissions
correctly for the Anonymous account that you are attempting to impersonate.
The fact that you're being denied access when using Anonymous access exclusively would indicate that
the Anonymous account does not have sufficient permissions to access the web application resources.
Paul ~~~ [email]pclement@ameritech.net[/email]
Microsoft MVP (Visual Basic)
Paul Clement Guest
-
MattC #3 Re: IIS Not using anonymous impersonation
Paul,
Spot on. Somehow my application's user account password was reset, i didn't
realise that the the failover for access denied is to use Integrated
authentication, makes sense now that I think of it.
Thanks for your time
MattC
"Paul Clement" <UseAdddressAtEndofMessage@swspectrum.com> wrote in message
news:sihlt0p27u9cfg8557jdpu09ogsvgu128b@4ax.com...> On Tue, 4 Jan 2005 09:10:45 -0000, "MattC" <m@m.com> wrote:
>
> ¤ Hi,
> ¤
> ¤ I havea web app that has anonymous accesss enabled. I have specified
> that
> ¤ IIS should have the credentials of a user in the active directory. This
> ¤ user has rights to my SQL Server database.
> ¤
> ¤ In my web.config file I have impersonate=true set.
> ¤
> ¤ However when I try to access my website an error is produced. On
> checking my
> ¤ error log it shows that it failed due to the fact that the user trying
> to
> ¤ acccess the database has no rights. Instead of using the user specified
> in
> ¤ IIS it seems IIS is using the domain and username of the client, not
> what I
> ¤ want.
> ¤
> ¤ How do I get IIS to use the user specified in the Directory Security tab
> of
> ¤ the web app's properties in IIS?
> ¤
> ¤ I have anonymous access ticked and Integrated authentication ticked
> (without
> ¤ the second no access at all is allowed).
>
> I think what's happening is that Integrated authentication is being used
> because Anonymous
> authentication is being denied access to a resource. You need to set up
> NTFS file permissions
> correctly for the Anonymous account that you are attempting to
> impersonate.
>
> The fact that you're being denied access when using Anonymous access
> exclusively would indicate that
> the Anonymous account does not have sufficient permissions to access the
> web application resources.
>
>
> Paul ~~~ [email]pclement@ameritech.net[/email]
> Microsoft MVP (Visual Basic)
MattC Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
