ASPNET user

Discussion in 'ASP .Net Security' started by Tumurbaatar S., Nov 5, 2005.

  1. If Windows authentication used to connect to SQL server from ASP.Net
    application, a database should be accessible for ASPNET user account.
    Yes? But if I map ASPNET user to SQL server and grant it database
    access, then other ASP.Net applications can access my database. Yes?
    Also, if impersonation is enabled, then ASPNET is not used in this case,
    but IUSR_XXX. Yes?
     
    Tumurbaatar S., Nov 5, 2005
    #1
    1. Advertising

  2. Yes if you use Integrated Windos Auth which is Windoows Auth.
    You would use ASPNET acct to access the DB if you add the acct to SQL server
    But you need to assign permission to the acct to access your
    tables,Stored_prco etc..
    If you impersonate then you would be using the acct AS WHO YOU ARE to access
    the DB.
    Patrick
    ** **

    "Tumurbaatar S." <> wrote in message
    news:e22Gc#...
    > If Windows authentication used to connect to SQL server from ASP.Net
    > application, a database should be accessible for ASPNET user account.
    > Yes? But if I map ASPNET user to SQL server and grant it database
    > access, then other ASP.Net applications can access my database. Yes?
    > Also, if impersonation is enabled, then ASPNET is not used in this case,
    > but IUSR_XXX. Yes?
    >
    >
     
    Patrick.O.Ige, Nov 5, 2005
    #2
    1. Advertising

  3. Thank you!
    In case of anonymous users that is IUSR_XXX?

    > If you impersonate then you would be using the acct AS WHO YOU ARE to
    > access the DB.
    > Patrick
    > ** **




    >
    > "Tumurbaatar S." <> wrote in message
    > news:e22Gc#...
    >> If Windows authentication used to connect to SQL server from ASP.Net
    >> application, a database should be accessible for ASPNET user account.
    >> Yes? But if I map ASPNET user to SQL server and grant it database
    >> access, then other ASP.Net applications can access my database. Yes?
    >> Also, if impersonation is enabled, then ASPNET is not used in this case,
    >> but IUSR_XXX. Yes?
    >>
    >>

    >
    >
     
    Tumurbaatar S., Nov 6, 2005
    #3
  4. Hello Tumurbaatar S.,

    is the database remote or local?
    which OS ? 2k or 2k3?

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > If Windows authentication used to connect to SQL server from ASP.Net
    > application, a database should be accessible for ASPNET user account.
    > Yes? But if I map ASPNET user to SQL server and grant it database
    > access, then other ASP.Net applications can access my database. Yes?
    > Also, if impersonation is enabled, then ASPNET is not used in this
    > case, but IUSR_XXX. Yes?
    >
     
    Dominick Baier [DevelopMentor], Nov 6, 2005
    #4
  5. It's a local on XP.

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Tumurbaatar S.,
    >
    > is the database remote or local?
    > which OS ? 2k or 2k3?
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> If Windows authentication used to connect to SQL server from ASP.Net
    >> application, a database should be accessible for ASPNET user account.
    >> Yes? But if I map ASPNET user to SQL server and grant it database
    >> access, then other ASP.Net applications can access my database. Yes?
    >> Also, if impersonation is enabled, then ASPNET is not used in this
    >> case, but IUSR_XXX. Yes?
    >>

    >
    >
     
    Tumurbaatar S., Nov 8, 2005
    #5
  6. Hello Tumurbaatar S.,

    but this is not your production system, right?
    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > It's a local on XP.
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello Tumurbaatar S.,
    >>
    >> is the database remote or local?
    >> which OS ? 2k or 2k3?
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> If Windows authentication used to connect to SQL server from ASP.Net
    >>> application, a database should be accessible for ASPNET user
    >>> account. Yes? But if I map ASPNET user to SQL server and grant it
    >>> database access, then other ASP.Net applications can access my
    >>> database. Yes? Also, if impersonation is enabled, then ASPNET is not
    >>> used in this case, but IUSR_XXX. Yes?
    >>>
     
    Dominick Baier [DevelopMentor], Nov 8, 2005
    #6
  7. Yes, but, is there any difference between Win2K and WinXP IIS's?
    I thought theirs security systems almost identical, at least for web app.


    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hello Tumurbaatar S.,
    >
    > but this is not your production system, right?
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> It's a local on XP.
    >>
    >> "Dominick Baier [DevelopMentor]"
    >> <> wrote in message
    >> news:...
    >>
    >>> Hello Tumurbaatar S.,
    >>>
    >>> is the database remote or local?
    >>> which OS ? 2k or 2k3?
    >>> ---------------------------------------
    >>> Dominick Baier - DevelopMentor
    >>> http://www.leastprivilege.com
    >>>> If Windows authentication used to connect to SQL server from ASP.Net
    >>>> application, a database should be accessible for ASPNET user
    >>>> account. Yes? But if I map ASPNET user to SQL server and grant it
    >>>> database access, then other ASP.Net applications can access my
    >>>> database. Yes? Also, if impersonation is enabled, then ASPNET is not
    >>>> used in this case, but IUSR_XXX. Yes?
    >>>>

    >
    >
     
    Tumurbaatar S., Nov 8, 2005
    #7
  8. Hello Tumurbaatar S.,

    OK -

    so with a local database, the ASPNET user account has to have access - this
    won't work with a remote database- or you use sql logins.

    If you have more than one app,and want distinct identities you have to use
    impersonation, IMO this approach is not optimal -

    better would be to use IIS6 where you can give apps distinct worker processes
    which run under distinct accounts.


    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Yes, but, is there any difference between Win2K and WinXP IIS's? I
    > thought theirs security systems almost identical, at least for web
    > app.
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hello Tumurbaatar S.,
    >>
    >> but this is not your production system, right?
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.come i
    >>> It's a local on XP.
    >>>
    >>> "Dominick Baier [DevelopMentor]"
    >>> <> wrote in message
    >>> news:...
    >>>
    >>>> Hello Tumurbaatar S.,
    >>>>
    >>>> is the database remote or local?
    >>>> which OS ? 2k or 2k3?
    >>>> ---------------------------------------
    >>>> Dominick Baier - DevelopMentor
    >>>> http://www.leastprivilege.com
    >>>>> If Windows authentication used to connect to SQL server from
    >>>>> ASP.Net application, a database should be accessible for ASPNET
    >>>>> user account. Yes? But if I map ASPNET user to SQL server and
    >>>>> grant it database access, then other ASP.Net applications can
    >>>>> access my database. Yes? Also, if impersonation is enabled, then
    >>>>> ASPNET is not used in this case, but IUSR_XXX. Yes?
    >>>>>
     
    Dominick Baier [DevelopMentor], Nov 9, 2005
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Gary Nelson

    Upgrade from aspnet 1.1 to aspnet 2.0

    Gary Nelson, Oct 14, 2005, in forum: ASP .Net
    Replies:
    2
    Views:
    496
    Gary Nelson
    Oct 14, 2005
  2. Replies:
    7
    Views:
    673
    Juan T. Llibre
    Mar 23, 2007
  3. Tony Johansson
    Replies:
    3
    Views:
    16,344
    Patrice
    Jan 2, 2010
  4. Brian Schuth
    Replies:
    0
    Views:
    286
    Brian Schuth
    Sep 8, 2003
  5. Alfred Sehmueller
    Replies:
    0
    Views:
    274
    Alfred Sehmueller
    Feb 20, 2004
Loading...

Share This Page