IIS Not using anonymous impersonation

Discussion in 'ASP .Net Security' started by MattC, Jan 4, 2005.

  1. MattC

    MattC Guest

    Hi,

    I havea web app that has anonymous accesss enabled. I have specified that
    IIS should have the credentials of a user in the active directory. This
    user has rights to my SQL Server database.

    In my web.config file I have impersonate=true set.

    However when I try to access my website an error is produced. On checking my
    error log it shows that it failed due to the fact that the user trying to
    acccess the database has no rights. Instead of using the user specified in
    IIS it seems IIS is using the domain and username of the client, not what I
    want.

    How do I get IIS to use the user specified in the Directory Security tab of
    the web app's properties in IIS?

    I have anonymous access ticked and Integrated authentication ticked (without
    the second no access at all is allowed).

    TIA

    MattC
     
    MattC, Jan 4, 2005
    #1
    1. Advertising

  2. MattC

    Paul Clement Guest

    On Tue, 4 Jan 2005 09:10:45 -0000, "MattC" <> wrote:

    ¤ Hi,
    ¤
    ¤ I havea web app that has anonymous accesss enabled. I have specified that
    ¤ IIS should have the credentials of a user in the active directory. This
    ¤ user has rights to my SQL Server database.
    ¤
    ¤ In my web.config file I have impersonate=true set.
    ¤
    ¤ However when I try to access my website an error is produced. On checking my
    ¤ error log it shows that it failed due to the fact that the user trying to
    ¤ acccess the database has no rights. Instead of using the user specified in
    ¤ IIS it seems IIS is using the domain and username of the client, not what I
    ¤ want.
    ¤
    ¤ How do I get IIS to use the user specified in the Directory Security tab of
    ¤ the web app's properties in IIS?
    ¤
    ¤ I have anonymous access ticked and Integrated authentication ticked (without
    ¤ the second no access at all is allowed).

    I think what's happening is that Integrated authentication is being used because Anonymous
    authentication is being denied access to a resource. You need to set up NTFS file permissions
    correctly for the Anonymous account that you are attempting to impersonate.

    The fact that you're being denied access when using Anonymous access exclusively would indicate that
    the Anonymous account does not have sufficient permissions to access the web application resources.


    Paul ~~~
    Microsoft MVP (Visual Basic)
     
    Paul Clement, Jan 4, 2005
    #2
    1. Advertising

  3. MattC

    MattC Guest

    Paul,

    Spot on. Somehow my application's user account password was reset, i didn't
    realise that the the failover for access denied is to use Integrated
    authentication, makes sense now that I think of it.

    Thanks for your time

    MattC

    "Paul Clement" <> wrote in message
    news:...
    > On Tue, 4 Jan 2005 09:10:45 -0000, "MattC" <> wrote:
    >
    > ¤ Hi,
    > ¤
    > ¤ I havea web app that has anonymous accesss enabled. I have specified
    > that
    > ¤ IIS should have the credentials of a user in the active directory. This
    > ¤ user has rights to my SQL Server database.
    > ¤
    > ¤ In my web.config file I have impersonate=true set.
    > ¤
    > ¤ However when I try to access my website an error is produced. On
    > checking my
    > ¤ error log it shows that it failed due to the fact that the user trying
    > to
    > ¤ acccess the database has no rights. Instead of using the user specified
    > in
    > ¤ IIS it seems IIS is using the domain and username of the client, not
    > what I
    > ¤ want.
    > ¤
    > ¤ How do I get IIS to use the user specified in the Directory Security tab
    > of
    > ¤ the web app's properties in IIS?
    > ¤
    > ¤ I have anonymous access ticked and Integrated authentication ticked
    > (without
    > ¤ the second no access at all is allowed).
    >
    > I think what's happening is that Integrated authentication is being used
    > because Anonymous
    > authentication is being denied access to a resource. You need to set up
    > NTFS file permissions
    > correctly for the Anonymous account that you are attempting to
    > impersonate.
    >
    > The fact that you're being denied access when using Anonymous access
    > exclusively would indicate that
    > the Anonymous account does not have sufficient permissions to access the
    > web application resources.
    >
    >
    > Paul ~~~
    > Microsoft MVP (Visual Basic)
     
    MattC, Jan 6, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?amVzdGVy?=
    Replies:
    1
    Views:
    478
    Patrice
    Sep 23, 2004
  2. Reporter
    Replies:
    3
    Views:
    485
    Mike Schilling
    May 12, 2007
  3. sam

    ASP.NET Anonymous Impersonation

    sam, Aug 19, 2004, in forum: ASP .Net Security
    Replies:
    5
    Views:
    351
  4. anonymous access + impersonation

    , Jan 30, 2006, in forum: ASP .Net Security
    Replies:
    5
    Views:
    242
  5. Replies:
    1
    Views:
    227
Loading...

Share This Page