Authorizing Anonymous User - IIS6/.NET

Discussion in 'ASP .Net' started by Kevin Hoskins, Oct 26, 2004.

  1. Is there anyway to force authentication of the Anonymous user?

    Here is the situation:
    I have an ASP.NET page which calls an assembly which requires a certain
    level of permissions. The page is running in a virtual server whose
    anonymous user is a network account with the required permissions. This
    allows anyone to view the page and see the data. This is working great,
    however, due to what is being returned, the page load time is longer than
    what I want the user to have to wait for.

    I moved the process to a seperate thread in order to return the page to the
    user right away. Where the process was working great when run in the same
    thread, it fails to work in the 2nd thread. Somehow the single thread is
    authenticating the anonymous user to run the process, but when spun to a
    different thread which should have the same permissions as the parent, it is
    not authorizing.

    Any suggestions on how to get the thread to use the credentials of the
    parent?
     
    Kevin Hoskins, Oct 26, 2004
    #1
    1. Advertising

  2. Kevin Hoskins

    bruce barker Guest

    when you start a thread in NT, it runs under the context (user) of the
    originating process, not thread. this means if you create a thread, it will
    be the user that asp.net process is running under. you have two options:

    1) change the asp.net machine account to your anonymous account.
    2) have the thread login as the anonymous account at startup.

    -- bruce (sqlwork.com)



    "Kevin Hoskins" <> wrote in message
    news:cllq61$f8j$...
    > Is there anyway to force authentication of the Anonymous user?
    >
    > Here is the situation:
    > I have an ASP.NET page which calls an assembly which requires a certain
    > level of permissions. The page is running in a virtual server whose
    > anonymous user is a network account with the required permissions. This
    > allows anyone to view the page and see the data. This is working great,
    > however, due to what is being returned, the page load time is longer than
    > what I want the user to have to wait for.
    >
    > I moved the process to a seperate thread in order to return the page to

    the
    > user right away. Where the process was working great when run in the same
    > thread, it fails to work in the 2nd thread. Somehow the single thread is
    > authenticating the anonymous user to run the process, but when spun to a
    > different thread which should have the same permissions as the parent, it

    is
    > not authorizing.
    >
    > Any suggestions on how to get the thread to use the credentials of the
    > parent?
    >
    >
    >
     
    bruce barker, Oct 26, 2004
    #2
    1. Advertising

  3. Option #1 requires that the password is in cleartext in the xml - that is
    not acceptable here.
    Option #2 was the route that I went using the network account as the
    anonymous user.

    As of about 15 minutes ago, I solved my problem. In hopes that this will
    help someone else, here is the solution:

    My original code was using the current thread's principal to set the
    WindowsPrincipal. By switching this around to get the WindowsPrincipal and
    use that to set the thread's principal, the authentication started to work.
    Original Code:
    _winPrincipal =(WindowsPrincipal) Thread.CurrentPrincipal;
    _winIdentity = (WindowsIdentity) _winPrincipal.Identity;

    Working Code:
    _winIdentity = WindowsIdentity.GetCurrent();
    _winPrincipal = new WindowsPrincipal(_winIdentity);

    Virtual Directory: Anonymous access only using user account with network
    access
    Web.config: authentication mode: Windows
    impersonation: false


    "bruce barker" <> wrote in message
    news:...
    > when you start a thread in NT, it runs under the context (user) of the
    > originating process, not thread. this means if you create a thread, it

    will
    > be the user that asp.net process is running under. you have two options:
    >
    > 1) change the asp.net machine account to your anonymous account.
    > 2) have the thread login as the anonymous account at startup.
    >
    > -- bruce (sqlwork.com)
    >
    >
    >
    > "Kevin Hoskins" <> wrote in message
    > news:cllq61$f8j$...
    > > Is there anyway to force authentication of the Anonymous user?
    > >
    > > Here is the situation:
    > > I have an ASP.NET page which calls an assembly which requires a certain
    > > level of permissions. The page is running in a virtual server whose
    > > anonymous user is a network account with the required permissions. This
    > > allows anyone to view the page and see the data. This is working great,
    > > however, due to what is being returned, the page load time is longer

    than
    > > what I want the user to have to wait for.
    > >
    > > I moved the process to a seperate thread in order to return the page to

    > the
    > > user right away. Where the process was working great when run in the

    same
    > > thread, it fails to work in the 2nd thread. Somehow the single thread

    is
    > > authenticating the anonymous user to run the process, but when spun to a
    > > different thread which should have the same permissions as the parent,

    it
    > is
    > > not authorizing.
    > >
    > > Any suggestions on how to get the thread to use the credentials of the
    > > parent?
    > >
    > >
    > >

    >
    >
     
    Kevin Hoskins, Oct 26, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Reporter
    Replies:
    3
    Views:
    485
    Mike Schilling
    May 12, 2007
  2. Erick
    Replies:
    0
    Views:
    324
    Erick
    Aug 28, 2007
  3. IIS not authorizing, gives 401.1

    , Jan 26, 2006, in forum: ASP .Net Security
    Replies:
    4
    Views:
    208
  4. CS ADNT
    Replies:
    1
    Views:
    1,371
    amitjul
    Mar 25, 2010
  5. Replies:
    1
    Views:
    228
Loading...

Share This Page