Solved

specify account other than iuser for .asp page?

Posted on 2004-09-03
6
462 Views
Last Modified: 2008-02-01
is it possible to have a .asp page (only one) handled by iis in a different security context than iuser? i want one (only) script on an .asp page to have access to a folder that i have explicitly denied access to the iuser account (ie i want this asp page to operate as a user with higher credentials).

iis 6 on win2k3 server

thanks in advance
0
Comment
Question by:jlathigee
  • 4
6 Comments
 
LVL 15

Accepted Solution

by:
mattisflones earned 125 total points
Comment Utility
Yes, put the page in a virtual subdir of yor site and set the secsettings as you want there... You can NOT set settings for a single page in a site by itself in IIS.
0
 
LVL 36

Expert Comment

by:Zyloch
Comment Utility
Hi

Ahh, well, just have this in your protected ASP page:

<%
Dim siteBase = "http://www.yourdomain.com/"
If Request.ServerVariables["HTTP_REFERER"] <> siteBase & "yourhigherpermissionpage.asp" Then
    Response.Redirect(Request.ServerVariables["HTTP_REFERER"])
End If
%>

Regards,
Zyloch
0
 
LVL 15

Expert Comment

by:mattisflones
Comment Utility
Or.. just do a include of the page..
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 15

Expert Comment

by:mattisflones
Comment Utility
Glad i could help! :-)
0
 
LVL 34

Expert Comment

by:Dave_Dietz
Comment Utility
Though the answer has already been accepted I thought I would post a correction:

You *can* set the anonymous user identity for a single page in IIS. You can set Authentication methods at the page level and this is where you specify the account used for anonymous access (if you are using anonymous).

For this particular question there is no need to create an entire vdir to host a single page, simply change the anonymous user account for that specific page.

Dave Dietz
0
 
LVL 15

Expert Comment

by:mattisflones
Comment Utility
Dave, how do you do that secure? That would be very interesting to know..
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now