Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > Authentication pb with IIS7, II7.7

Reply
Thread Tools

Authentication pb with IIS7, II7.7

 
 
ADNT
Guest
Posts: n/a
 
      09-06-2009
Hello,

I am migrating an asp.net application from IIS6 to IIS7, this application
uses the 2 authentication modes: Windows and Forms.
For Windows authentication, my web config contains line
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
</authorization>
<identity impersonate="true"/>
<membership defaultProvider="MyMembershipProvider"
userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="MyProvider" type="MyMembershipProvider"
connectionStringName="My_ConnectionString" applicationName="MyApp"
enablePasswordRetrieval="false" enablePasswordReset="true"
requiresQuestionAndAnswer="true" requiresUniqueEmail="true"
passwordFormat="Hashed"/>
</providers>
</membership>
I am very dispointed by the fact that in the PostAuthentication event the
Request.LogonUserIdentity contains 'NT Authority\NetworkService' and not the
current logged user ?


Before this event Current Ueer has been correctly presented in
WindowsAuthentication_OnAuthenticate(object sender,
WindowsAuthenticationEventArgs args), inside the arg parameter, my app uses
it to create an IIdentity and set it as the current session User.

But why the impersonate statment doesn't works ? Could it be an error in
web.config ?

Thanks for help.

CS

 
Reply With Quote
 
 
 
 
Bob Barrows
Guest
Posts: n/a
 
      09-06-2009
ADNT wrote:
> Hello,
>
> I am migrating an asp.net application from IIS6 to IIS7, this


Have you neglected to disable Anonymous in your application's Directory
Security tab in the IIS Mgr Property dialog?

***canned wrong-newsgroup reply************************
There was no way for you to know it (except maybe by browsing through some
of the previous questions in this newsgroup before posting yours - always a
recommended practice) , but this is a classic (COM-based) asp newsgroup.
ASP.Net bears very little resemblance to classic ASP so, while you may be
lucky enough to find a dotnet-knowledgeable person here who can answer your
question, you can eliminate the luck factor by posting your question to a
group where those dotnet-knowledgeable people hang out. I suggest
microsoft.public.dotnet.framework.aspnet or the forums at www.asp.net.
************************************************** ****************


--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
 
 
 
ADNT
Guest
Posts: n/a
 
      09-07-2009
Thanks for answer,

Where is this "Security tab in the IIS Mgr Property dialog" ?
When I open IIS Services Manager, I click on Sites then on My Site, here I
have on the right ASP.NET and IIS and Management but no one contains
security ?

Do you mean the ACLs permission dialog obtain by Edit permission on the app
folder ? But it is not related to anonymous and impersonation ?

CS

"Bob Barrows" <(E-Mail Removed)> a écrit dans le message de
news:(E-Mail Removed)...
> ADNT wrote:
>> Hello,
>>
>> I am migrating an asp.net application from IIS6 to IIS7, this

>
> Have you neglected to disable Anonymous in your application's Directory
> Security tab in the IIS Mgr Property dialog?
>
> ***canned wrong-newsgroup reply************************
> There was no way for you to know it (except maybe by browsing through some
> of the previous questions in this newsgroup before posting yours - always
> a
> recommended practice) , but this is a classic (COM-based) asp newsgroup.
> ASP.Net bears very little resemblance to classic ASP so, while you may be
> lucky enough to find a dotnet-knowledgeable person here who can answer
> your
> question, you can eliminate the luck factor by posting your question to a
> group where those dotnet-knowledgeable people hang out. I suggest
> microsoft.public.dotnet.framework.aspnet or the forums at www.asp.net.
> ************************************************** ****************
>
>
> --
> Microsoft MVP - ASP/ASP.NET - 2004-2007
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>


 
Reply With Quote
 
ADNT
Guest
Posts: n/a
 
      09-07-2009
In IIS authentication I get:

Anonymous authentication: disabled
ASP.NET Impersonation: Enabled
Basic Authentication: disabled
Digest: disabled
Forms: disabled
Windows: Enabled HTTP 401 challenge

???


"Bob Barrows" <(E-Mail Removed)> a écrit dans le message de
news:(E-Mail Removed)...
> ADNT wrote:
>> Hello,
>>
>> I am migrating an asp.net application from IIS6 to IIS7, this

>
> Have you neglected to disable Anonymous in your application's Directory
> Security tab in the IIS Mgr Property dialog?
>
> ***canned wrong-newsgroup reply************************
> There was no way for you to know it (except maybe by browsing through some
> of the previous questions in this newsgroup before posting yours - always
> a
> recommended practice) , but this is a classic (COM-based) asp newsgroup.
> ASP.Net bears very little resemblance to classic ASP so, while you may be
> lucky enough to find a dotnet-knowledgeable person here who can answer
> your
> question, you can eliminate the luck factor by posting your question to a
> group where those dotnet-knowledgeable people hang out. I suggest
> microsoft.public.dotnet.framework.aspnet or the forums at www.asp.net.
> ************************************************** ****************
>
>
> --
> Microsoft MVP - ASP/ASP.NET - 2004-2007
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>


 
Reply With Quote
 
Bob Barrows
Guest
Posts: n/a
 
      09-07-2009
That looks right. I suggest you go to one of the dotnet forums or newsgroups
for assistance.
ADNT wrote:
> In IIS authentication I get:
>
> Anonymous authentication: disabled
> ASP.NET Impersonation: Enabled
> Basic Authentication: disabled
> Digest: disabled
> Forms: disabled
> Windows: Enabled HTTP 401 challenge
>
> ???
>
>
> "Bob Barrows" <(E-Mail Removed)> a écrit dans le message de
> news:(E-Mail Removed)...
>> ADNT wrote:
>>> Hello,
>>>
>>> I am migrating an asp.net application from IIS6 to IIS7, this

>>
>> Have you neglected to disable Anonymous in your application's
>> Directory Security tab in the IIS Mgr Property dialog?
>>
>> ***canned wrong-newsgroup reply************************
>> There was no way for you to know it (except maybe by browsing
>> through some of the previous questions in this newsgroup before
>> posting yours - always a
>> recommended practice) , but this is a classic (COM-based) asp
>> newsgroup. ASP.Net bears very little resemblance to classic ASP so,
>> while you may be lucky enough to find a dotnet-knowledgeable person
>> here who can answer your
>> question, you can eliminate the luck factor by posting your question
>> to a group where those dotnet-knowledgeable people hang out. I
>> suggest microsoft.public.dotnet.framework.aspnet or the forums at
>> www.asp.net.
>> ************************************************** **************** --
>> Microsoft MVP - ASP/ASP.NET - 2004-2007
>> Please reply to the newsgroup. This email account is my spam trap so
>> I don't check it very often. If you must reply off-line, then remove
>> the "NO SPAM"


--
Microsoft MVP - ASP/ASP.NET - 2004-2007
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Failed Authentication, Status "Unsupported Authentication Algorithm" Rafael Cisco 1 11-26-2004 03:57 PM
Basic Authentication v. Integrated Windows Authentication w/ Delegation Mark ASP .Net 0 01-20-2004 03:13 PM
ASP.Net Forms authentication with basic authentication popup Brett Porter ASP .Net 2 01-20-2004 02:17 PM
Moving from Baisc Authentication to Forms Authentication raj mandadi ASP .Net 0 12-22-2003 12:16 AM
Forms Authentication, external authentication server, & rerouting to orig. req. URL Andrew Connell ASP .Net 1 10-21-2003 05:41 PM



Advertisments