Re: NTFS + Impersonation + Asp.Net

From: David Fanning (dfanning@europeancredit.com)
Date: 09/20/02 

From: "David Fanning" <dfanning@europeancredit.com>
Date: Fri, 20 Sep 2002 03:46:16 -0700

Willy

It's an aspx page I trying to protect with NTFS perssions.

Thanks

David

>-----Original Message-----
>What page are you talking about?
>Note that .aspx .asmx etc. pages are read by the worker
asp.net process BEFORE your code executes.
>
>Willy.
>
>"David Fanning" <dfanning@europeancredit.com> wrote in
message news:380e01c2608f$4426f9b0$2ae2c90a@phx.gbl...
>>
>> Ok, appologies I know Impersonation has been done to
death
>> however I couldn't find much help about NTFS file
>> permissions and Asp.Net.
>>
>> My problem is as follows;
>> I've deployed an Asp.Net app so it impersonates the user
>> logging in with a valid certificate (certificate
mapping).
>> I'm pretty sure the impersonation is working correctly,
>> I've check both the User.Identity.Name and the more
useful
>> System.Security.Principal.WindowsIdentity.GetCurrent
>> ().Name and both appeared to reflect the correct NT
>> Account.
>>
>> HOWEVER, as a test I set NTFS file permisions to refuse
>> access to a web page for this NT Account (TestUser).
Guess
>> what, the web page was still shown.
>>
>> What's going on here, I thought any 'Deny' NTFS
>> permissions take precendence over 'Grant'.
>>
>> Are there any good resources that explains, preferably
>> with an example exactly how to setup NTFS file security
>> with an Asp.Net app executing under a specific 'User' NT
>> account.
>>
>> Many Thanks
>>
>> David
>>
>>
>
>
>.
>

Relevant Pages

  • Re: XP Pro. Group Member permission question.
    ... NTFS security, or if so, they do not affect the account. ... the custom group and grant the access? ... >>get any permissions except for the permission to change ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Why does Everyone have Full Control of everthing?
    ... Analysis snap-in to apply the Setup Security template to my machine, ... Perhaps I should have only applied the file permissions ... using the personal account created at setup. ... >list of default NTFS permissions for Windows 2000. ...
    (microsoft.public.windowsxp.general)
  • Re: NTFS + Impersonation + Asp.Net
    ... the ACL for the NTFS permissions? ... >access to the TestUser). ... >As far as securing, on an NT Account basis, the aspx, ... >>>aspx file within the site. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: impersonation and ado access connection
    ... To rule out NTFS issues, I went so far as to give EVERYONE full control ... (with replace permissions on all child objects) ... I am implementing impersonation in my machine.config for IIS application Isolation of the ASPNET worker process. ... I am giving the new account the same permissions to files and folders that the aspnet account had. ...
    (microsoft.public.windows.server.security)
  • Re: impersonation and ado access connection
    ... To rule out NTFS issues, I went so far as to give EVERYONE full control ... (with replace permissions on all child objects) ... I am implementing impersonation in my machine.config for IIS application Isolation of the ASPNET worker process. ... I am giving the new account the same permissions to files and folders that the aspnet account had. ...
    (microsoft.public.dotnet.framework.aspnet.security)