Windows integrated

Discussion in 'ASP .Net Security' started by J-T, Jul 13, 2005.

  1. J-T

    J-T Guest

    We have an asp.net application with <identity impersonate="true"/> and
    <authentication mode="Windows" /> in our web config and we are using Windows
    integrated in IIS and also NT AUTHORITY\NETWORK SERVICE account in its
    application pool. I create an object in Global.asax which monitors a folder
    for upcoming files.What is the security context of the object since there is
    no user (Domain\Username) requesting this object.Is it running under the
    security context of AUTHORITY\NETWORK SERVICE account ?

    Thanks in advance
     
    J-T, Jul 13, 2005
    #1
    1. Advertising

  2. J-T

    Paul Clement Guest

    On Wed, 13 Jul 2005 11:35:14 -0700, "J-T" <> wrote:

    ¤ We have an asp.net application with <identity impersonate="true"/> and
    ¤ <authentication mode="Windows" /> in our web config and we are using Windows
    ¤ integrated in IIS and also NT AUTHORITY\NETWORK SERVICE account in its
    ¤ application pool. I create an object in Global.asax which monitors a folder
    ¤ for upcoming files.What is the security context of the object since there is
    ¤ no user (Domain\Username) requesting this object.Is it running under the
    ¤ security context of AUTHORITY\NETWORK SERVICE account ?

    If I understand your scenario correctly the HTTPContext, WindowsIdentity and thread is operating
    under the security context of the impersonated user, which would be the domain user that is logged
    on to browser client.


    Paul
    ~~~~
    Microsoft MVP (Visual Basic)
     
    Paul Clement, Jul 13, 2005
    #2
    1. Advertising

  3. Hello J-T,

    you can easily find out by logging the current identity.

    WindowsIdentity.GetCurrent().Name holds this information

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > We have an asp.net application with <identity impersonate="true"/> and
    > <authentication mode="Windows" /> in our web config and we are using
    > Windows integrated in IIS and also NT AUTHORITY\NETWORK SERVICE
    > account in its application pool. I create an object in Global.asax
    > which monitors a folder for upcoming files.What is the security
    > context of the object since there is no user (Domain\Username)
    > requesting this object.Is it running under the security context of
    > AUTHORITY\NETWORK SERVICE account ?
    >
    > Thanks in advance
    >
     
    Dominick Baier [DevelopMentor], Jul 13, 2005
    #3
  4. As long as Anonymous auth is turned off, it should be the domain user (else
    a logon prompt will show for the user). If Anonynous auth is enabled (in
    addition to Integrated), then it will probably be the IUSR_{machinename}
    user or whoever you have defined as the anonymous user in IIS.

    --
    - Paul Glavich
    MVP ASP.NET
    http://weblogs.asp.net/pglavich
    ASPInsiders member - http://www.aspinsiders.com


    "J-T" <> wrote in message
    news:%...
    > We have an asp.net application with <identity impersonate="true"/> and
    > <authentication mode="Windows" /> in our web config and we are using
    > Windows integrated in IIS and also NT AUTHORITY\NETWORK SERVICE account
    > in its application pool. I create an object in Global.asax which monitors
    > a folder for upcoming files.What is the security context of the object
    > since there is no user (Domain\Username) requesting this object.Is it
    > running under the security context of AUTHORITY\NETWORK SERVICE account ?
    >
    > Thanks in advance
    >
     
    Paul Glavich [MVP ASP.NET], Jul 14, 2005
    #4
  5. J-T

    J-T Guest

    but which user is that????? no boday has authenticated with my system yet!!
    "Paul Glavich [MVP ASP.NET]" <-NOSPAM> wrote in message
    news:...
    > As long as Anonymous auth is turned off, it should be the domain user
    > (else a logon prompt will show for the user). If Anonynous auth is enabled
    > (in addition to Integrated), then it will probably be the
    > IUSR_{machinename} user or whoever you have defined as the anonymous user
    > in IIS.
    >
    > --
    > - Paul Glavich
    > MVP ASP.NET
    > http://weblogs.asp.net/pglavich
    > ASPInsiders member - http://www.aspinsiders.com
    >
    >
    > "J-T" <> wrote in message
    > news:%...
    >> We have an asp.net application with <identity impersonate="true"/> and
    >> <authentication mode="Windows" /> in our web config and we are using
    >> Windows integrated in IIS and also NT AUTHORITY\NETWORK SERVICE account
    >> in its application pool. I create an object in Global.asax which monitors
    >> a folder for upcoming files.What is the security context of the object
    >> since there is no user (Domain\Username) requesting this object.Is it
    >> running under the security context of AUTHORITY\NETWORK SERVICE account ?
    >>
    >> Thanks in advance
    >>

    >
    >
     
    J-T, Jul 14, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. STom
    Replies:
    0
    Views:
    329
  2. Carlos Fersura

    HttpHandler and Windows Integrated Security

    Carlos Fersura, Oct 29, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    440
    Carlos Fersura
    Oct 29, 2003
  3. Mark
    Replies:
    0
    Views:
    706
  4. NWx
    Replies:
    4
    Views:
    1,979
  5. Andrew
    Replies:
    4
    Views:
    556
    Marty U.
    Jun 23, 2004
Loading...

Share This Page