RE: Impersonation question regarding a microsoft article
From: Brian Newtz (anonymous_at_discussions.microsoft.com)
Date: 12/24/03
- Next message: Jos: "Re: Problem with Impersonation"
- Previous message: Rafi: "FormsAuthentication.GetRedirectUrl returns non-existing page ??"
- In reply to: Jim Cheshire [MSFT]: "RE: Impersonation question regarding a microsoft article"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Dec 2003 07:37:57 -0800
Jim,
Thanks!
-Brian
>-----Original Message-----
>Brian,
>
>That documentation is incorrect. The process account
has to have full
>control on that folder, but the impersonated account
does not in the case
>of first-time JIT compile.
>
>Jim Cheshire, MCSE, MCSD [MSFT]
>Developer Support
>ASP.NET
>jamesche@online.microsoft.com
>
>This post is provided as-is with no warranties and
confers no rights.
>
>
>--------------------
>>Content-Class: urn:content-classes:message
>>From: "Brian Newtz"
<anonymous@discussions.microsoft.com>
>>Sender: "Brian Newtz"
<anonymous@discussions.microsoft.com>
>>Subject: Impersonation question regarding a microsoft
article
>>Date: Tue, 23 Dec 2003 08:17:43 -0800
>>Lines: 40
>>Message-ID: <09b201c3c970$4b509c00$a601280a@phx.gbl>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="iso-8859-1"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Thread-Index: AcPJcEtQodKge0h2Sd+UR2DdUFfdag==
>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>Newsgroups:
microsoft.public.dotnet.framework.aspnet.security
>>Path: cpmsftngxa07.phx.gbl
>>Xref: cpmsftngxa07.phx.gbl
>microsoft.public.dotnet.framework.aspnet.security:8036
>>NNTP-Posting-Host: tk2msftngxa14.phx.gbl 10.40.1.166
>>X-Tomcat-NG:
microsoft.public.dotnet.framework.aspnet.security
>>
>>Hello everyone!
>>
>>I recently read "ASP.NET Impersonation" from the .NET
>>Framework Developer's Guide
>>(http://msdn.microsoft.com/library/default.asp?
>>url=/library/en-
>>us/cpguide/html/cpconaspnetimpersonation.asp) and it
says
>>the following:
>>
>>"Only application code is impersonated; compilation and
>>configuration are read as the process token. The result
>>of the compilation is put in the "Temporary ASP.NET
>>files" directory. The account that is being
impersonated
>>needs to have read/write access to this directory."
>>
>>So, this is basically telling me that every
authenticated
>>user has to have access to my 'Temporary ASP.NET files'
>>directory in order to view the pages??? I've verified
>>that this is definitely not the case, as my 'Temporary
>>ASP.NET files' directory has only the following
security
>>permissions(my computer name is BNEWTZ):
>>
>>Administrators (BNEWTZ\Administrators)
>>aspnet (aspnet@mycompanysdomain.local)
>>CREATOR OWNER
>>LOCAL SERVICE
>>NETWORK SERVICE
>>Power Users (BNEWTZ\Administrators)
>>SYSTEM
>>Users (BNEWTZ\Users)
>>
>>With these permissions (which are the default, except
>>that I've added the domain aspnet account which I use
in
>>the processmodel section of machine.config) any domain
>>user can get to the website just fine. So is the
article
>>incorrect in that statement?
>>
>>Thanks!
>>-Brian
>>
>>
>
>.
>
- Next message: Jos: "Re: Problem with Impersonation"
- Previous message: Rafi: "FormsAuthentication.GetRedirectUrl returns non-existing page ??"
- In reply to: Jim Cheshire [MSFT]: "RE: Impersonation question regarding a microsoft article"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
