Security

Discussion in 'ASP .Net Security' started by Reza, May 6, 2005.

  1. Reza

    Reza Guest

    Hi

    I have two forests with one way trust between them. My web application is
    in the trusting forest. A user from trusted forest connects to this
    application. He can't touch the resources in his forest! . What's the
    problem? I can do it through a desktop application not through web
    application in Integrated Windows security mode but it works fine in Basic
    Authentication mode. Is it a Kerberose problem? I know that Kerberose is not
    working cross forest but I had the same problem in a single forest. Anybody
    can help me?

    Regards.
    Reza.
    Reza, May 6, 2005
    #1
    1. Advertising

  2. Reza

    WJ Guest

    "Reza" <> wrote in message
    news:...
    > Hi
    >
    > I have two forests with one way trust between them. My web application is
    > in the trusting forest. A user from trusted forest connects to this
    > application. He can't touch the resources in his forest! . What's the
    > problem?


    That is because the web app resides in the trusting forest. It has no
    knowledge of the trusted forest. All it does is to authenticate the users
    from the trusted forest to access the web site in the one which trusts.

    John
    WJ, May 9, 2005
    #2
    1. Advertising

  3. Reza

    Reza Guest

    Thank you John:

    The problem is when I impersonate as the connectiing user and try to create
    a global group in his forest an error happens. I can do that when security
    mode is Basic Authentication in IIS but not when it is Integrated Windows. Is
    is because of Kerberos? The result and error is the same when all domains
    reside in a single forest with transitive two way trust between them.

    Thanks
    Reza

    "WJ" wrote:

    >
    > "Reza" <> wrote in message
    > news:...
    > > Hi
    > >
    > > I have two forests with one way trust between them. My web application is
    > > in the trusting forest. A user from trusted forest connects to this
    > > application. He can't touch the resources in his forest! . What's the
    > > problem?

    >
    > That is because the web app resides in the trusting forest. It has no
    > knowledge of the trusted forest. All it does is to authenticate the users
    > from the trusted forest to access the web site in the one which trusts.
    >
    > John
    >
    >
    >
    Reza, May 9, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Aaron
    Replies:
    1
    Views:
    339
    John C. Bollinger
    Aug 4, 2003
  2. Marco
    Replies:
    1
    Views:
    2,402
    Roedy Green
    Jan 28, 2006
  3. Akram Baig
    Replies:
    0
    Views:
    320
    Akram Baig
    Apr 7, 2011
  4. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    129
    Dinis Cruz
    Oct 11, 2003
  5. Michael Randrup
    Replies:
    3
    Views:
    290
    Henning Krause [MVP]
    Mar 27, 2006
Loading...

Share This Page