Impersonation In Asp.net
I've developed some components which can create user accounts on the web server. The asp files resided on the server will call these components to do the job BUT the "aspnet" (asp.net worker process account) doesn't have enough privilege to do so... (as the components are called in the context of this "low privilege" account).
I understand that .Net framework has something alled "impersonation" which can run the worker process in the context of some "higher" account (in this case, accounts under administrators group). The problem seems to be solved with this approach but now the problem is that the "impersonated" account, which is the "admin" account's name and password, is stored in "cleartext" in the web.config file which imposes serious security issue.
A solution solving this is to store the username and password in the registry and encrypt them... however, the debugger returns error that the "password" entry cannot be read from the registry.even I did give the permission "read" to the worker process... so how can this be resolved? Or is this the right way to do this kind of job?
View Replies
I've two Win2000 Advanced Server (ServerA and ServerB) both part of an Active Directory.
The Active Directory Server is named ServerC.
On ServerA I've published an asp page PageA.asp inside a virtual directory VirtuaA.
On ServerB I've published an asp page PageB.asp inside a virtual directory VirtuaB.
Inside both server I've installed Microsoft XML Parser 4.0 sp2
Both virtual directories have setted Windows Integrated Authentication.
PageA.asp has to get PageB.asp using ServerXmlHttp object and to show its contents.
When I try to get PageA.asp from any client part of the same active directory I obtain an error: I'm not authorized to get PageB.asp.
I've tried to use every solution founded on previous posts:
- proxycfg -d -p " " "*" on ServerA
- flag "trust for delegation" on Active Directory Control Panel of ServerC
- ASP instruction .setProxy 2, " ", "*" inside PageA.asp
Every solutions have failed....
View Replies
View Related
I am unable to create object of ("Lotus.NotesSession") from ASP page.I am getting OutOfMemory error.
If i do same thing from ASP.Net and add <identity tag in web.config file with My Network
Logon Id and password it works fine. So i want to know How to implement this impersonation in ASP.
View Replies
View Related
I'm designing a Form Authentication to authenticate users in IIS in order to
redirect them, already authenticated, to their webdav folders.
This should work like this:
IIS AuthApp ---> Check Login and Impersonate -------> IIS WebDav
after 3 days using code from MSDN Network, I can't seem to find out why it
has throws an "Impersonation Failed" exception when credentials are correct.
If i miswrite a password it gives a Username / password invalid, if it is
correct, bam! an exception hitting me right in between the eyes...
View Replies
View Related