Re: anonymous access + impersonation

Hello,
If i understood your problem exactly, my advice u to impersonate your com+
component not ASP.NET or IIS. To accomplish this u must register your com+
component under a com+ application that is configured to run as a server
application(or you can modify IIS application protection level). Impersonate
this com+ application. Add read&execute rights for the physical dll for
ASPNET user and give directory listing rights on that hard drive...

This is the easiest way to do this. But it might has some security risks i
am not sure.. Be careful on this scenario. "Anyone who can call your com+
component will have impersonated user's rights and permissions.. "

--
HTH

Thanks,
Yunus Emre ALPÖZEN
BSc, MCSD.NET
Microsoft .NET & Security MVP

<yonido@xxxxxxxxx> wrote in message
news:1138631825.981388.206640@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> hi & thanks for the quick reply.
>
> your suggestion is exactly the same as my #2 attempt to solve the
> problem (mentioned above).
> the situation now is exactly as you mentioned.
> the new info you've added is about DACLs. i dont exactly know what you
> meant, but i tried adding read permissions through windows file system
> (is that what you meant?) to the user & nada.
>
> btw - if i open myService.asmx from the local computer it works with no
> problem (because im logged as the same user that runs the apppool).
> if i open myService.asmx from a remote computer - i get prompted to
> enter user & pass, and nothing passes through, even if i enter the
> apppool user & its password.
>
>
> any ideas?
>


.

Relevant Pages

  • RE: programatically changing the .net version of virtual directory
    ... I think using external command utility to do the work is reasonable because ... IIS metabase setting. ... we can impersonate the client-user and spawn new process to ... This posting is provided "AS IS" with no warranties, and confers no rights. ...
    (microsoft.public.dotnet.framework.aspnet)
  • MOSS 2007 - Changing ListItem permissions in EventReciever
    ... Feature registrates FeatureEventReciever ... ItemAdded event changes access rights of item that was created to ... So I need to impersonate programmatically Admin user. ... bstrUrl, String bstrListName, String bstrViewName, String bstrViewXml, ...
    (microsoft.public.sharepoint.portalserver)
  • Re: AD queries. Please, prove me being wrong...
    ... If you want to impersonate the authenticated user ... Kerberos delegation in AD to allow the web app to have the rights to ... delegate the user's credentials to AD. ... means that you must ensure that you use IWA auth in IIS and ensure that IWA ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: File copy via ASP.NET access errors?
    ... Where are the user credentials coming from? ... the <impersonate> web.config setting, then are you using a domain account? ... Basic Authentication means that IIS has the user's ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: File copy via ASP.NET access errors?
    ... Where are the user credentials coming from? ... the <impersonate> web.config setting, then are you using a domain account? ... Basic Authentication means that IIS has the user's ...
    (microsoft.public.dotnet.framework.aspnet)