Re: Machine.Config -- ProcessModel vs Impersonation

From: Wm. Scott Miller (Scott.Miller_at_spam.killer.wvinsurance.gov)
Date: 05/25/04 

Date: Tue, 25 May 2004 09:43:12 -0400

So which would be better to use for database access? Both work for what I'm
doing, but I'm concerned because I'm new to ASP.NET. Which is better for
this type of thing? What are the advantages and disadvanages of each one in
relation to database access and network share access etc? What I'm most
confused about is both appear to work for both of my needed tasks, so why
have two ways to do it? Are there real advantages and disadvantages to each
or are they equivalent?

>From what I understand, both would be of no consequence should the machine
become compromised, even when using the "secure" ASPNET_SETREG utility to
store the Identity information and the integrated IIS 6.0 worker process
username/password pair (or using the same utility for IIS 5.x in the
ProcessModel section of the machine.config). Reason is that these are
stored using encryption based on the machine. Once you are in the machine,
you can decrypt from the registry.

So which one makes it most secure/more difficult to crack?

Thanks for the reply!

Scott

"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:eGwMhqgQEHA.964@TK2MSFTNGP10.phx.gbl...
> ProcessModel is the identity of the process itself (eg the aspnetwp.exe
> process)
>
> Impersonation is the account that should be used (Impersonated) by ASPNET
to
> access resources (eg read an .aspx file off the hard disk)when requests
come
> in.
>
> Cheers
> Ken
>
> "Wm. Scott Miller" <Scott.Miller@spam.killer.wvinsurance.gov> wrote in
> message news:Onp53gaQEHA.640@TK2MSFTNGP09.phx.gbl...
> : What is the difference between using a username and password in the
> : processmodel section vs using one in impersonation in the machine.config
> : file? What are the advantages of each and what are the usages of each?
> :
> : Thanks for any replies,
> : Scott
> :
> :
>
>