ASP.NET security question
From: John O'Connell (ltj__bukem@nospaaaam.hotmail.com)
Date: 03/14/03
- Next message: Kevin Spencer: "Re: Server.Transfer Vs. Response.Redirect"
- Previous message: Ersin Gençtürk: "Re: ASPX Sending more data packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "John O'Connell" <ltj__bukem@nospaaaam.hotmail.com> Date: Fri, 14 Mar 2003 03:29:37 -0800
I'm building an ASP.NET app that will access a SQL2000
database via a single trusted login. The way I planned to
do this was to set up the app to impersonate the trusted
account via Web.config <identity> section. I've tried it
but it fails with a "required privilege is not held by the
client" error.
As per various bits of documentation, I've set full
control permissions on the "Temporary ASP.NET files" path
on the web server box for the trusted account but I still
get the above error. Any ideas why or what else do I need
to do?
Also, the trusted account username and password appear in
clear text in the <identity> section of Web.config; now I
know that passwords used in forms authentication can be
encryptd using sha1 or md5 but can I encrypt passwords for
the <identity> section?
TIA
John O'Connell
- Next message: Kevin Spencer: "Re: Server.Transfer Vs. Response.Redirect"
- Previous message: Ersin Gençtürk: "Re: ASPX Sending more data packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
