Re: Web application security problem
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 4 Aug 2008 13:26:33 -0500
Usually it is helpful to look in the security event log for logon audit info
for both success and failure to see if you can see exactly what type of
login event happened when the failure occurred. It doesn't always tell you
what you need, but it might. Make sure you have logon event auditing
enabled for both success and failure.
Sometimes the IIS logs can help too.
It might also help if you explain what you mean by "the redirect to WAB".
How does that get generated?
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"<M>" <m_dinnis@xxxxxxxxxxx> wrote in message
news:10368375-9eb7-4f2a-94fa-80c7df94ee81@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I've taken on responsibility for a C# ASP.NET project and am having a
little trouble with the security side of things.
The architecture is something like this:
Web Application A (WAA) makes calls to Web Services A and B (WSA,
WSB). As part of the run time it is possible for the user to select a
link that redirects them to Web Application B (WAB) which also makes
use of WSA and WSB. The web applications have impersonation turned on
and the web services have impersonation turned off.
All the applications and services are running in one application pool
under the Network Service account.
The specific problem i'm trying to resolve is that when the user makes
the call to redirect to WAB I get a 403 error.
Any pointers or tips as to what I should be looking for to enable this
call to be made?
Regards,
<M>
.
- Prev by Date: Urgent - How do you stop a user login more than once at a time?
- Next by Date: Re: SqlClientPermission exception
- Previous by thread: Urgent - How do you stop a user login more than once at a time?
- Next by thread: Re: Web application security problem
- Index(es):
Relevant Pages
|
