Re: How do I run using Windows Identity (Windows 2003)
- From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 31 Dec 2006 10:28:05 +0000 (UTC)
Yep - looks good.
NETWORK SERVICE is builtin and not listed - if you want to grant access (e.g. in SQL SERVER) - use that name:
NT AUTHORITY\NETWORK SERVICE
The AspNetTokenRoleProvider is not needed - haven't found any advantages using it (besides that you get a RolePrincipal instead of a WindowsPrincipal which is confusing IMO)
-----
Dominick Baier (http://www.leastprivilege.com)
Hi;
This appears to be working but I want to make sure I am doing it
right.
I want to be able to run where it passes my Windows Identity to my
ASP.NET app. But I want the ASP.NET app running as whatever user is
the default for that - NOT as the client user.
What do I set?
In IIS Authentication Methods I turned Enable anon off and I checked
Integrated Windows Authentication.
My web.config is:
<authentication mode="Windows"/>
<identity impersonate="false"/>
<authorization>
<allow roles="THIELEN\Windward Administrators, THIELEN\Windward
Users"/>
<deny users="*"/>
</authorization>
<roleManager enabled="true"
defaultProvider="AspNetWindowsTokenRoleProvider"/>
This shows me running as NT AUTHORITY\NETWORK SERVICE and
automatically authenticates me. The thing is, I can't find NETWORK
SERVICE as a user (or group) in either the users/groups on the machine
I install to. I know it's a built-in account but shouldn't it be
listed?
And how does this relate to the user ASPNET and the group IIS_WPG?
Cubicle Wars - http://www.windwardreports.com/film.htm
.
- Prev by Date: RE: Who is may ASP.NET app supposed to run as?
- Previous by thread: Re: Getting share & file permissions
- Index(es):
Relevant Pages
|
|
