Newbie security frustration

From: Bernie (anonymous_at_discussions.microsoft.com)
Date: 04/23/04

• Next message: Shawn Farkas: "RE: Newbie security frustration"
• Previous message: frazer: "Re: MD5"
• Next in thread: Shawn Farkas: "RE: Newbie security frustration"
• Reply: Shawn Farkas: "RE: Newbie security frustration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 22 Apr 2004 16:01:17 -0700

I'm familiar with IIS (not an expert) and write ASP coding a bunch. I understand anonymous usernames and the basics behind IIS 6.0 impersonation, but, I'm now trying to get an .net app to run on a Windows 2k3 server. It appears that it is much more complicated than it used to be. So here we go...

I've added the files that make up the app to the IIS 6.0 wesite. I attempt to run it from a browser and get an error that I see many others getting:
Error Msg:
*********************
Exception Details: System.UnauthorizedAccessException: Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\ilearn\ef80c615\45266ffc\hash.web" is denied.
**********************

Based on what I've read, this has to do with the configuration in the machine.config file, specifically the impersonate= and settings in the <process model> key. But I'm stuck there and can't disect what is going on with my coinfig in order to fix it. In other words, how do I figure out exactly what account the system is using? I've tried to use the ASPNET account and even added that to the administrators group but that doesn't work (I removed it now). Blah, blah, blah.

It appears that .Net is trying to make copies of the files. Why? If it is going to try to do this by default, why aren't the default security settings ready to go? Additionally, I'm having a very difficulty time finding a resouce that spells out the concepts behind what is going on, and how to fix it. Can anyone point me in the right direction?

Thanks
B

---

• Next message: Shawn Farkas: "RE: Newbie security frustration"
• Previous message: frazer: "Re: MD5"
• Next in thread: Shawn Farkas: "RE: Newbie security frustration"
• Reply: Shawn Farkas: "RE: Newbie security frustration"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: 2003 Server ASP.NET Problem (IE Only!) ... Is scripting disabled in the browser? ... It doesn't seem to be a problem with IIS, since IIS does not care about ... > first screen and clicks "Login", but the app doesn't do anything. ... (microsoft.public.inetserver.iis) Re: URL Rewriting for certain file types ... Except on new IIS 7.0, I believe with IIS 7 you can route any HttpRequest ... Instead of giving out the direct link to the document. ... browser to a different URL. ... ASP.NET but what if I install this app on a "hosted" site where I can't ... (microsoft.public.dotnet.framework.aspnet) Different behavior for Windows Authentication with same app ... I have an asp.net app that uses windows authentication. ... In the browser if I enter: ... (machine.config, web.config or IIS)? ... (microsoft.public.dotnet.framework.aspnet.security) Re: Access 2010 with Sharepoint 2010 ... the browser as in Access itself? ... I've said elsewhere that I'm wary of embedded macros because of the ... An existing app ... that when I deploy to the client system, ... (comp.databases.ms-access) Re: VS2008 HTTP 403 Help!! ... Check in your IIS Manager, and make sure you created a virtual directory ... for your app. ... Seems like the publish took away the projects web app status. ... (microsoft.public.dotnet.framework.aspnet)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2004-04