RE: Issue with X509Certificate2 (works with Cassini, fails with IIS)



Hi Dpomt,

Yes, as you've found out, this is a security permission issue.

Actually, the problem is due to the different process/security model of
Casinni(VS 2005 test server) or IIS based ASP.NET web application.

** For IIS hosted ASP.NET applications, the worker process is running under
the ASP.NET worker process account. Default one is machine\ASPNET(for IIS5)
or NetworkService(for IIS6). These services account are not powerful
normally.

**While using the VS 2005 test server(cassini), it is actually a .net
winform application, so the ASP.NET application hosted in testServer is
running under the current logon user account which is always a powerful
user account, so you will bypass many security issue under this condition.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead



This posting is provided "AS IS" with no warranties, and confers no rights.


.



Relevant Pages

  • Re: sendmail subject problem but with a twist
    ... cmoore@linuxmail.org (Chris Moore) wrote: ... > because the user account that sends it must be a registered user on ... My test box has different usernames ... Adding joeblow to the test server is not an option either. ...
    (comp.unix.admin)
  • sendmail subject problem but with a twist
    ... I have to use sendmail to send a file via command line. ... because the user account that sends it must be a registered user on ... My test box has different usernames ... Adding joeblow to the test server is not an option either. ...
    (comp.unix.admin)
  • Re: WebConfig Authorization
    ... Check the user account used for the ASP.NET worker process or the current ... user (in case impersonation is enabled) has access to the folder. ... I have a a folder where I store several files. ...
    (microsoft.public.dotnet.framework.aspnet)