A
Anatolij
Hello people.Sorry for stupid question.But who can exlplain to me difference
between IUSR_COMPUTERNAME and ASPNET account.
between IUSR_COMPUTERNAME and ASPNET account.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
A
Andrea D'Onofrio [MSFT]
The first one is an IIS account used for the anonymous authentication, the
second one is an ASP.NET account used for the asp.net worker process.
HtH,
Andrea
second one is an ASP.NET account used for the asp.net worker process.
HtH,
Andrea
S
Svein Terje Gaup
ASP.NET takes advantage of two layers of security: 1) IIS Security, 2)
ASP.NET Security
You may read about the security model here:
http://aspnet.4guysfromrolla.com/articles/031204-1.aspx
What happens is that first, IIS has to authenticate the user. IIS may be set
to one of several different authentication modes, of which one is
"Anonymous". In old ASP, if you selected this option only, the user would
not be authenticated. All the actions of the user would be done using the
"IUSR_MACHINENAME" account.
In ASP.NET you may still be using the same account if you 1) set
authentication in IIS to use Anonymous, and 2) set the
<impersonation="true"> in web.config.
The default, however is <impersonation="false"> which means the "ASPNET"
user account will be used.
If you want to use integrated windows authentication (acces to the website
is done under the users domain or local windows account), then you should
select "Windows Authentication" in IIS and <authentication mode="windows">
(default setting) in web.config. And you should set <impersonation="true">.
Sincerely
Svein Terje Gaup
ASP.NET Security
You may read about the security model here:
http://aspnet.4guysfromrolla.com/articles/031204-1.aspx
What happens is that first, IIS has to authenticate the user. IIS may be set
to one of several different authentication modes, of which one is
"Anonymous". In old ASP, if you selected this option only, the user would
not be authenticated. All the actions of the user would be done using the
"IUSR_MACHINENAME" account.
In ASP.NET you may still be using the same account if you 1) set
authentication in IIS to use Anonymous, and 2) set the
<impersonation="true"> in web.config.
The default, however is <impersonation="false"> which means the "ASPNET"
user account will be used.
If you want to use integrated windows authentication (acces to the website
is done under the users domain or local windows account), then you should
select "Windows Authentication" in IIS and <authentication mode="windows">
(default setting) in web.config. And you should set <impersonation="true">.
Sincerely
Svein Terje Gaup
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Similar Threads
Forum statistics
Latest Threads
-
What are the key advantages of using a SaaS (Software as a Service) model for application development?
- Started by remotedevelopers
-
How to build a database-driven web page
- Started by av3mar1a153
-
Hola
- Started by luuciefer
-
Using a DTSX file with GoDaddy
- Started by IBMJunkman
-
Hello Everyone
- Started by welly
-
Problem with code
- Started by camilin05
-
How to get expertise in "cyber security" or from where to start for this?
- Started by independent
-
Arduino Chess Clock
- Started by ARDU_PROgrammER
-
What steps are the key steps involved in designing a product?
- Started by remotedevelopers