Advertisement

November 19, 2008 02:25am pst

Experts Exchange

Announcements Feedback

Advertisement

1. KCTS 111,408
2. toniur 90,530
3. Phil_Agc... 68,828
4. rpggamer... 63,924
5. McKnife 53,148
6. tigermatt 52,816
7. richrumble 50,444
8. oBdA 47,082
9. CoccoBill 46,953
10. bbao 43,271
11. snoopfrogg 40,926
12. martin_b... 37,705
13. IndiGenus 34,028
14. r-k 32,170
15. LauraEHu... 31,960
16. johnb6767 29,442
17. slam69 28,502
18. henjoh09 27,750
19. Shift-3 23,836
20. RobWill 23,590
21. DaveHowe 23,000
22. Jay_Jay70 20,800
23. LeeTutor 20,552
24. TechSoEasy 19,625
25. war1 17,840

1. richrumble 672,986
2. r-k 434,030
3. Sheharya... 354,618
4. trywaredk 297,335
5. oBdA 297,207
6. war1 293,536
7. gidds99 268,792
8. rpggamer... 260,843
9. Phil_Agc... 244,228
10. KCTS 197,339
11. toniur 195,512
12. sirbounty 191,193
13. CoccoBill 181,019
14. PeteLong 156,654
15. sunray_... 146,627
16. bbao 126,170
17. johnb6767 124,704
18. Jay_Jay70 117,706
19. McKnife 107,288
20. leew 101,811
21. mdiglio 97,751
22. PowerIT 96,084
23. younghv 84,800
24. LauraEHu... 83,525
25. rindi 83,261

07.15.2008 at 05:55AM PDT, ID: 23565830

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

Problem with IIS Security and User accounts

Asked by capsoftuk in Windows Network Security, Miscellaneous Security, Microsoft IIS Web Server

Tags: ASP.NET, IE6+, none

Hello all,

Were trying to set up a security layer for an application weve built at the moment. Its configured to call a set of web services that we have created the web services build a response from a set of files, and then send an attachment back to our application which then displays it. We would like to use IIS and Windows security settings to satisfy the authentication requirements, but it is proving to be a tad more difficult than we thought.

Basically, we set up (to test this) two separate Virtual Directories in IIS, both with the same permission levels, and also set up two users to be used for the anonymous access for simplicity sake, lets call the virtual directories v1 and v2, and the users u1 and u2. v1 anonymous access is under u1, and v2 is run under u2. Access to these virtual directories will be controlled by a service so only valid users can access v1 and these users cannot access v2 and vice versa. v1 & v2 call the same web service which runs under Integrated Windows Authentication and we want the credentials for the anonymous users u1 & u2 to be passed through to the web services from v1 & v2.

The assumption we are working under is that because the web service is running under Integrated Windows Authentication the web service accessed by user u1 should be able to access files u1 has permissions to and the application would proceed. However, if user u2 attempted to access the same files, an error would be thrown and the application would fail.

We've changed the web configs for v1, v2 and the web services so they're using Windows Authentication.

As it stands at the moment we are getting a 401.2 error returned when v1 or v2 tries to access the web services and due to logging we have in place for the web services we can see that the call isn't getting through at all to them.

We really want to be able to do this using existing Windows security and authentication features as we ideally do not want to have to use impersonation or change code to control the access and user authentication.

Any suggestions would be appreciated.

Cheers

Start Free Trial

Keywords: Problem with IIS Security and User acc…

	Title
1	Why does the fastcgi impersonation w…
2	Can you prove this? (Challenging qu…
3	impersonate account
4	ASP.NET & ActiveDirectory
5	Why impersonate?
6	.NET impersonation

Loading Advertisement...

20081112-EE-VQP-44 / EE_QW_2_20070628

© Copyright Experts Exchange LLC 2008. All rights reserved.