RE: Process Identity Options
From: Bassel Tabbara (basseltonline@microsoft.com)
Date: 11/13/02
- Next message: Windows Forms Team: "Re: running winform exe from the web"
- Previous message: Willy Denoyette [MVP]: "Re: Gaining access to network shares from WebServices and WebForms"
- In reply to: Paul R. Morin: "Process Identity Options"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: basseltonline@microsoft.com (Bassel Tabbara (MS)) Date: Wed, 13 Nov 2002 21:16:56 GMT
Paul,
In addition to my last post, a remote resource can be accessed by using
the ASP.NET process identity. You need to configure the local ASP.NET
account
by changing the password to a known value on the Web server and then
creating a mirrored account (with the same name and password)
on the database server. you can use either the ASPNET account or by using a
domain account. In addition, the process identity needs to be configured
for that account with the new password. Finally you add the account to the
Sql Database. If you want to use a domain account in place of the
ASPNETaccount, it assumes a trusted domain is in place.
For further information you can refer to the following documentation
on how to build secure asp.net application.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/secnetlpMSDN.asp
I hope this helps.
Thanks,
Bassel Tabbara (MS)
This posting is provided “AS IS” with no warranties, and confers no rights.
You assume all risk for your use.
© 2001 Microsoft Corporation. All rights reserved.
--------------------
| From: "Paul R. Morin" <prm@scinteract.com>
| Subject: Process Identity Options
| Date: Fri, 8 Nov 2002 11:17:29 -0500
| Lines: 12
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| Message-ID: <OLOUkI0hCHA.3736@tkmsftngp08>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| NNTP-Posting-Host: 216.89.97.254
| Path: cpmsftngxa06!tkmsftngp01!tkmsftngp08
| Xref: cpmsftngxa06 microsoft.public.dotnet.framework.aspnet.security:2912
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| In ASP/VB6 all of my data and network components were running in a COM+
| package to avoid storing passwords anywhere in clear text. All SQL and
| network access was based on the package idenity. I need the same
| functionality in ASP.NET and as far as I can tell I need to derive my
| classes from ServicedComponent and continue to use COM+ packages for
| security reasons... Are there any other options?
|
| Thanks,
|
| - Paul
|
|
|
- Next message: Windows Forms Team: "Re: running winform exe from the web"
- Previous message: Willy Denoyette [MVP]: "Re: Gaining access to network shares from WebServices and WebForms"
- In reply to: Paul R. Morin: "Process Identity Options"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
