AW: Hosting multiple sites/ASP.NET security

From: Dominick Baier (db@die-lounge.com)
Date: 09/19/02 

From: "Dominick Baier" <db@die-lounge.com>
To: "'Rado Stoyanov'" <radostoyanov@softhome.net>, <focus-ms@securityfocus.com>
Date: Thu, 19 Sep 2002 21:01:35 +0200

Hi,

take a look at the <impersonation> or <identity> tag in the web.config
(don't know it by heart right now)

You can set the windows account under which the application runs - place
this web.config file in the root of your site or web app and off you go!

hope this helps
dominick
www.ernw.de

-----Ursprüngliche Nachricht-----
Von: Rado Stoyanov [mailto:radostoyanov@softhome.net]
Gesendet: Donnerstag, 19. September 2002 14:56
An: focus-ms@securityfocus.com
Betreff: Hosting multiple sites/ASP.NET security

Hello,

I host several web sites that I own on a single web server (Windows
2000). It's possible to choose a separate Anonymous web user account for
each of the sites in IIS 5, and ASP applications run in the context of
own anonymous users. This is wise, because each of the anon users is
permitted to access only corresponding web site's directories, and not
other web site's directories.

Unfortunately, when I am migrating to ASP.NET, I have faced the problem
that there's a single account called ASPNET and all web applications run
under this account, no matter of which is the current IIS web's
anonymous user.

My question is: is there any method to achieve the same with ASP.NET, or
are there any alternative considerations that can be taken, in order to
have a secure multi-hosting environment.

Thanks,
Rado

Relevant Pages

  • Re: Windows 2003 AnonymousUser
    ... Why don't you just synchronize user accounts on all the machines so that you ... Of course, the Guest ... account is on, and I have modified the machine's Local Security Policy ... I want all anonymous users on my LAN to map to the Guest ...
    (microsoft.public.inetserver.iis.security)
  • Re: Unable to logon as Administrator after changing Administrator membership
    ... have but I didn't modified the drive letter and I didn't modify the drive ... The only things I've made is to add 2 groups to the Administrator membership ... ("Web Anonymous Users" and "Web Applications") ... I have the same problem with another account which have the "Users" and "Web ...
    (microsoft.public.win2000.setup)
  • IIS and COM Components
    ... I am trying to host two website on IIS 5.0. ... two different NT account as anonymous users for each ... Microsoft ActiveX Data Objects Library and not to have ...
    (microsoft.public.inetserver.iis.security)
  • Re: Cannot import resource into enterprise - invalid windows account
    ... Using an account of administrator in PWA, ... the Enterprise Resource Pool. ... Enter at least, the resource name, windows account in the format ... Create a different set of users from User1, 2, etc to ...
    (microsoft.public.project.pro_and_server)
  • Re: sql server connection
    ... > Windows account for database access. ... > impersonation in the middle tier, avoid doing so because it defeats ... Map each account to a SQL Server database role, ... > So I created a special windows account and gave it database permissions to ...
    (microsoft.public.dotnet.framework.aspnet)