DotNet 2 - Applications security

B

bruttogatto

Hi all

I hope somebody can help me

In a shared environment, I need to use 2 different application pools
with different security levels, here the example:

Application pool 1: Environment for customers has to be rescricted in
some rights (I have altready a trust level just configured)
Application pool 2: Environment for a private WebService used to
administer the server, this has to be "full trust"

My Global web.config is like this:


<location path="Utilities" allowOverride="true">
<system.web>
<identity impersonate="true" />
<trust level="Full" originUrl="" />
</system.web>
</location>

<location allowOverride="false">
<system.web>
<identity impersonate="true"/>
<securityPolicy>
<trustLevel name="Full" policyFile="internal" />
<trustLevel name="High"
policyFile="web_hightrust.config" />
<trustLevel name="Medium"
policyFile="web_mediumtrust.config" />
<trustLevel name="MediumEx"
policyFile="web_extra_mediumtrust.config" />
<trustLevel name="Low"
policyFile="web_lowtrust.config" />
<trustLevel name="Minimal"
policyFile="web_minimaltrust.config" />
<trustLevel name="MySpecialConfig"
policyFile="MySpecialConfig.config" />
</securityPolicy>
<trust level="MySpecialConfig" originUrl="" />
</system.web>
</location>

but it doesn't do what I want... Or every sites goes to "full trust"
or in "MySpecialConfig" trust config

Can somebody tell me where I make mistakes?

Thanks and sorry for terrible english
 
D

Dominick Baier

specify the full path to the site/app

e.g.

<location path="Default WebSite">

or

<location path="Default WebSite/App1">
 
B

bruttogatto

specify the full path to the site/app

e.g.

<location path="Default WebSite">

or

<location path="Default WebSite/App1">

-----
Click to expand...

let me try to be more accurate

I don't want to give a different trustlevel to an WEB APPLICATION but
to an APPLICATION POOL

Something like:

<location path="DefaultAppPool">
.....
</location>

and

<location path="Utilities">
.....
</location>

I hope it's possible... I cant' create so many configurations (allways
the same config) for each website in my shared webserver

Thanks for reply
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Exeception during upgrade 2
Security issue on Windows7 1
Limit component/assembly to use only Medium Trust compatible classes 0
webparts & sqlclientpermission 4
ASP NET 1.1 authorization and IIS 6.0 application pools 0
Web Application over a network share 0
Urgent: Error While deploying ASP.net application 3
using location tag in web.config with custom application pool in I 1

Members online

No members online now.
Total: 39 (members: 0, guests: 39)
Robots: 485

Forum statistics

Threads
473,769
Messages
2,569,578
Members
45,052
Latest member
LucyCarper

Latest Threads

Top