DotNet 2 - Applications security

Discussion in 'ASP .Net Security' started by bruttogatto@gmail.com, Aug 30, 2007.

  1. Guest

    Hi all

    I hope somebody can help me

    In a shared environment, I need to use 2 different application pools
    with different security levels, here the example:

    Application pool 1: Environment for customers has to be rescricted in
    some rights (I have altready a trust level just configured)
    Application pool 2: Environment for a private WebService used to
    administer the server, this has to be "full trust"

    My Global web.config is like this:


    <location path="Utilities" allowOverride="true">
    <system.web>
    <identity impersonate="true" />
    <trust level="Full" originUrl="" />
    </system.web>
    </location>

    <location allowOverride="false">
    <system.web>
    <identity impersonate="true"/>
    <securityPolicy>
    <trustLevel name="Full" policyFile="internal" />
    <trustLevel name="High"
    policyFile="web_hightrust.config" />
    <trustLevel name="Medium"
    policyFile="web_mediumtrust.config" />
    <trustLevel name="MediumEx"
    policyFile="web_extra_mediumtrust.config" />
    <trustLevel name="Low"
    policyFile="web_lowtrust.config" />
    <trustLevel name="Minimal"
    policyFile="web_minimaltrust.config" />
    <trustLevel name="MySpecialConfig"
    policyFile="MySpecialConfig.config" />
    </securityPolicy>
    <trust level="MySpecialConfig" originUrl="" />
    </system.web>
    </location>

    but it doesn't do what I want... Or every sites goes to "full trust"
    or in "MySpecialConfig" trust config

    Can somebody tell me where I make mistakes?

    Thanks and sorry for terrible english
     
    , Aug 30, 2007
    #1
    1. Advertising

  2. Dominick Baier, Aug 30, 2007
    #2
    1. Advertising

  3. Guest

    On 30 Ago, 19:44, Dominick Baier
    <dbaier@pleasepleasenospam_leastprivilege.com> wrote:
    > specify the full path to the site/app
    >
    > e.g.
    >
    > <location path="Default WebSite">
    >
    > or
    >
    > <location path="Default WebSite/App1">
    >
    > -----


    let me try to be more accurate

    I don't want to give a different trustlevel to an WEB APPLICATION but
    to an APPLICATION POOL

    Something like:

    <location path="DefaultAppPool">
    .....
    </location>

    and

    <location path="Utilities">
    .....
    </location>

    I hope it's possible... I cant' create so many configurations (allways
    the same config) for each website in my shared webserver

    Thanks for reply
     
    , Aug 31, 2007
    #3
  4. you cannot do that for an app pool. Only for sites and apps.


    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > On 30 Ago, 19:44, Dominick Baier
    > <dbaier@pleasepleasenospam_leastprivilege.com> wrote:
    >> specify the full path to the site/app
    >>
    >> e.g.
    >>
    >> <location path="Default WebSite">
    >>
    >> or
    >>
    >> <location path="Default WebSite/App1">
    >>
    >> -----
    >>

    > let me try to be more accurate
    >
    > I don't want to give a different trustlevel to an WEB APPLICATION but
    > to an APPLICATION POOL
    >
    > Something like:
    >
    > <location path="DefaultAppPool">
    > ....
    > </location>
    > and
    >
    > <location path="Utilities">
    > ....
    > </location>
    > I hope it's possible... I cant' create so many configurations (allways
    > the same config) for each website in my shared webserver
    >
    > Thanks for reply
    >
     
    Dominick Baier, Aug 31, 2007
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Al Malossi
    Replies:
    0
    Views:
    673
    Al Malossi
    Sep 12, 2003
  2. Charles A. Lackman
    Replies:
    1
    Views:
    1,403
    smith
    Dec 8, 2004
  3. SpamProof
    Replies:
    0
    Views:
    605
    SpamProof
    Oct 21, 2003
  4. Chuck
    Replies:
    3
    Views:
    529
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Feb 8, 2007
  5. Alfred Sehmueller
    Replies:
    0
    Views:
    274
    Alfred Sehmueller
    Feb 20, 2004
Loading...

Share This Page