Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > trying to post to aspx anonyomously is blocked?

Reply
Thread Tools

trying to post to aspx anonyomously is blocked?

 
 
Larry
Guest
Posts: n/a
 
      04-19-2004
I have written a webform page to respond to a users post on the web site.
This worked on the test site which had anonymous turned off. I then moved it
to the regular web site (copied the files, reinstalled the FP extension) and
chaged the setting for anonymous use. but when I try to post the form
results to the aspx page I keep getting the windows authentication dialog.
If I go ahead and give the credentials the page goes ahead and works but I
want this page to work without having need a log in.

I've tried everything I can think of concerning the permissions (which to my
way of thinking must be the problem) on the files and directories that the
aspx page resides in, and the various dotnet directories (per the setting up
an ASPUSER account KB). I've tried adding IUSR_machine to all of them, and I
still get the log-on challenge.

Someone (from the usoft support center) told me once that the NETWORK,
SYSTEM and INTERACTIVE accounts have to have full control on all the
directories, so I check and in some cases modified those to have full
access, still the same behavior. (BTW is there a white paper or something
that explains the purpose of these accounts, when they need to be present
and what permissions they need have when present? The security articles keep
saying remove any unnessecary accounts from various directories but never a
word of if these are needed or are they like the "everyone" account;
automatically added giving unwarrented access to things.)

My server is a win2K server and needs to run IIS (with FPextensions and
dotnet), exchange, SQL, and activedirectory. I know this is not the
recommended configuration but I don't have the billions of dollars usoft has
to run a seperate server for each function. Obviously system admin is not my
forte so I would appreciate as much detailed help as you can give me in
getting the premissions and other security setting set up correctly.

oh yes one other note of interest; I do have the aspx's web.config set to
windows authentication with impersonate set to true.

-Larry


 
Reply With Quote
 
 
 
 
[MSFT]
Guest
Posts: n/a
 
      04-20-2004
Hi Larry,

In Machine.config <ProcessModal> section, did you used the "machine" or
"system" account? If you use "machine" so far, you may try "System"
account", it is desired to have more permission than "machine" (ASPNET).

Additionally, you may take following test to see what is the result:

1. On the web server, create a new virtual folder and add a simple (Blank)
ASPX page, and same web.config. Will the problem also occur with the ASPX
page?
2. In web.config, remove impersonate=true. Does this help?


Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 
Reply With Quote
 
 
 
 
Larry
Guest
Posts: n/a
 
      04-20-2004
I had already tried the items you suggested with no luck. After a few more
hours with filemon and the support staff at MS we found the offending items.

For those that might be following the solution was having to change the
permissions for the system32 directory, and the assembly directory. I had
thought about the assembly directory but I didn't know how to access the
permission settings or about having to unregister/register that directory.
These accesses were caused by my use of CDONTS object. Something that the
examples and documentation I referenced never mentioned were these resources
reside and that I would need to grant additional access channels to the
afore named directories.

It's becoming one of my beef's with MS documentation that very little if any
mentioned is made of what resources (ie files) using these objects in dotnet
programs are used and which child services and objects they depend on, so
one can know were to grant permissions or safely remove or disable unused
items. A good tool is needed that would map out all the modules and services
any given application uses, and what permissions are required. So those of
use that don't live (or want to have to live) administrating servers can
focus on writing applications.

thanks for responding though.

-Larry
"[MSFT]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi Larry,
>
> In Machine.config <ProcessModal> section, did you used the "machine" or
> "system" account? If you use "machine" so far, you may try "System"
> account", it is desired to have more permission than "machine" (ASPNET).
>
> Additionally, you may take following test to see what is the result:
>
> 1. On the web server, create a new virtual folder and add a simple (Blank)
> ASPX page, and same web.config. Will the problem also occur with the ASPX
> page?
> 2. In web.config, remove impersonate=true. Does this help?
>
>
> Luke
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>



 
Reply With Quote
 
[MSFT]
Guest
Posts: n/a
 
      04-20-2004
Hi Larry,

CDONTS will require addtional permission. You may refer to following
articles to see if they will help:

PRB: Permission Denied While Using CDONTS to Send Mail with Exchange
http://support.microsoft.com/default...;EN-US;Q228465


XIMS: Minimum NTFS Permissions Required to Use CDONTS
http://support.microsoft.com/default...;EN-US;Q260985

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Enbedding aspx page into another aspx page and post back Naga_01 Software 0 06-06-2006 05:51 AM
adding main.aspx.vb & main.aspx.resx under aspx John M ASP .Net 1 05-29-2005 09:27 PM
aspx page, C#, trying to instantiate a C++ ATL COM control WTH ASP .Net 1 11-01-2004 10:36 PM
Post post post. Shel-hed Computer Support 2 11-08-2003 07:41 AM
How do I post data from aspx page to another aspx page. Sriram Mallajyosula ASP .Net 1 11-05-2003 04:48 PM



Advertisments