Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > identity impersonate

Reply
Thread Tools

identity impersonate

 
 
=?Utf-8?B?UGF1bA==?=
Guest
Posts: n/a
 
      01-18-2006
just wondering what could cause identity impersonate = true to not work on a
server? It works on my development machine but when I try it on a server
that has the framework installed it does not seem to work. the setup is
client------>server (should use user password and name)---->webfile gets
file listing from server 3. Server 3 is another server with a shared folder
with the file listing I need to get.

This seem to work where I have the client and Server2 on the same machine,
my development machine. Just wondering if there are any ideas. thanks.
--
Paul G
Software engineer.
 
Reply With Quote
 
 
 
 
cbDevelopment
Guest
Posts: n/a
 
      03-13-2006
Is the root problem that you can't access a file or database from the code?
Have you confirmed that the server/Virtual Directory is using Basic or NTLM
authentication? Otherwise, you'll be impersonating IUSR_ and that won't do
you any good.

--
----
700cb Development, Inc.
http://www.700cb.net
..NET utilities, developer tools,
and enterprise solutions

"=?Utf-8?B?UGF1bA==?=" <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> just wondering what could cause identity impersonate = true to not
> work on a server? It works on my development machine but when I try
> it on a server that has the framework installed it does not seem to
> work. the setup is client------>server (should use user password and
> name)---->webfile gets file listing from server 3. Server 3 is
> another server with a shared folder with the file listing I need to
> get.
>
> This seem to work where I have the client and Server2 on the same
> machine, my development machine. Just wondering if there are any
> ideas. thanks.


 
Reply With Quote
 
 
 
 
=?Utf-8?B?UGF1bA==?=
Guest
Posts: n/a
 
      03-13-2006
Hi thanks for the response. I ended up just moving the files over to the
source machine but would still like to figure out what is going on. Just
wondering how to confirm if the server/Virtual Directory is using Basic or
NTLM authentication?
Thanks, Paul.
--
Paul G



"cbDevelopment" wrote:

> Is the root problem that you can't access a file or database from the code?
> Have you confirmed that the server/Virtual Directory is using Basic or NTLM
> authentication? Otherwise, you'll be impersonating IUSR_ and that won't do
> you any good.
>
> --
> ----
> 700cb Development, Inc.
> http://www.700cb.net
> ..NET utilities, developer tools,
> and enterprise solutions
>
> "=?Utf-8?B?UGF1bA==?=" <(E-Mail Removed)> wrote in
> news:(E-Mail Removed):
>
> > just wondering what could cause identity impersonate = true to not
> > work on a server? It works on my development machine but when I try
> > it on a server that has the framework installed it does not seem to
> > work. the setup is client------>server (should use user password and
> > name)---->webfile gets file listing from server 3. Server 3 is
> > another server with a shared folder with the file listing I need to
> > get.
> >
> > This seem to work where I have the client and Server2 on the same
> > machine, my development machine. Just wondering if there are any
> > ideas. thanks.

>
>

 
Reply With Quote
 
cbDevelopment
Guest
Posts: n/a
 
      03-14-2006
You would use the IIS manager. Get properties of the virtual directory (or
server if you've set up a Web Site for the code). Go to Directory
Security>Anonymous Access and Authentication Control>Edit and see which
checkboxes are checked.

That's only part of the problem. Let's say all three are enabled. The
normal order is NTLM, Basic, Anonymous. So you would think that your users
would be impersonated using their logins. But if the user does not have
access to a file being requested (ASPX, GIF, CSS, whatever), IIS will fall
back to Anonymous access for the request. Then you're impersonating IUSR
again.

So you need to make sure that the folder you've deployed to on the server
has the proper permissions (that doesn't mean Everyone - Full Access,
either). Make a user group, put the designated users in the group and
assign the group to the application folder. Test by removing Anonymous
access to the virtual directory/web site.

Hope this helps.

--
----
700cb Development, Inc.
http://www.700cb.net
..NET utilities, developer tools,
and enterprise solutions

=?Utf-8?B?UGF1bA==?= <(E-Mail Removed)> wrote in
news(E-Mail Removed):

> Hi thanks for the response. I ended up just moving the files over to
> the source machine but would still like to figure out what is going
> on. Just wondering how to confirm if the server/Virtual Directory is
> using Basic or NTLM authentication?
> Thanks, Paul.



 
Reply With Quote
 
=?Utf-8?B?UGF1bA==?=
Guest
Posts: n/a
 
      03-14-2006
Ok thanks for the information. will impliment it when I get a chance.
--
Paul G
Software engineer.


"cbDevelopment" wrote:

> You would use the IIS manager. Get properties of the virtual directory (or
> server if you've set up a Web Site for the code). Go to Directory
> Security>Anonymous Access and Authentication Control>Edit and see which
> checkboxes are checked.
>
> That's only part of the problem. Let's say all three are enabled. The
> normal order is NTLM, Basic, Anonymous. So you would think that your users
> would be impersonated using their logins. But if the user does not have
> access to a file being requested (ASPX, GIF, CSS, whatever), IIS will fall
> back to Anonymous access for the request. Then you're impersonating IUSR
> again.
>
> So you need to make sure that the folder you've deployed to on the server
> has the proper permissions (that doesn't mean Everyone - Full Access,
> either). Make a user group, put the designated users in the group and
> assign the group to the application folder. Test by removing Anonymous
> access to the virtual directory/web site.
>
> Hope this helps.
>
> --
> ----
> 700cb Development, Inc.
> http://www.700cb.net
> ..NET utilities, developer tools,
> and enterprise solutions
>
> =?Utf-8?B?UGF1bA==?= <(E-Mail Removed)> wrote in
> news(E-Mail Removed):
>
> > Hi thanks for the response. I ended up just moving the files over to
> > the source machine but would still like to figure out what is going
> > on. Just wondering how to confirm if the server/Virtual Directory is
> > using Basic or NTLM authentication?
> > Thanks, Paul.

>
>
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
identity impersonate=true masks the identity of the app pool for trusted sql connections Popezilla ASP .Net Security 2 03-18-2007 03:39 AM
DirectoryEntry Impersonate or WindowsIdentity Impersonate? Bill Belliveau ASP .Net Security 3 01-31-2004 04:19 AM
network (drive) access/impersonate identity problem Peter O'Reilly ASP .Net 2 11-03-2003 09:14 PM
identity impersonate for web applications William F. Robertson, Jr. ASP .Net 0 08-29-2003 05:34 PM
<identity impersonate> and NETWORK ACCESS DB-HELP Christian Binder ASP .Net 0 07-25-2003 07:25 AM



Advertisments