Re: You are not authorized to view this page
- From: "Kevin Spencer" <kevin@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 20 Oct 2005 19:33:24 -0400
Well, first of all, you need to discriminate between the people who are
wanting to get into your web site, and the application identity. This is a
critical difference.
Your web application is a process, and it always runs under ONE user
account, the one you configured it to run under in IIS. That account
determines what network permissions the web application itself has, for
doing things like file system access, registry permissions, etc. This
identity is the one referenced in your web.config file and IIS application
pool configuration.
Now, when people log into the app, by trying to access it via a browser,
typically, they all log in to the web as the Anonymous Internet User account
on your server. This is an underpriveleged account which has permission to
do very little other than access web pages in your web application. But when
you configure the web site virtual directory to "Integrated Windows
Authentication," you force each user to either be logged into your server
machine as an authorized user (according to the Authentication configuration
in IIS), or to log in with an authorized user account (according to the
Authentication configuration in IIS).
That should be enough information to help you figure out what exactly you
want, and need, to do in order to set up your web application the way you
want to.
--
HTH,
Kevin Spencer
Microsoft MVP
..Net Developer
Ambiguity has a certain quality to it.
"Gaetan" <someone@xxxxxxxxxxxxx> wrote in message
news:qt6gl15u0svvbmraon7u95oji55ajcic90@xxxxxxxxxx
>I just cannot read any more MSDN articles on IIS6 and ASP.Net
>authentication ...
> everything is blurry now, tanks to old eyes.
>
> Here is a topo of my environment:
>
> - W2K3 SP1 (IIS 6)
>
> - Web site is a virtual directory under Default Web Site
>
> - Web site is configured with "Integrated Windows Authentication" and the
> "Enable
> anonymous access" is not checked.
>
> - Web site is using a custom application pool.
>
> - Web.config has:
> <authentication mode="Windows" />
> <identity impersonate="false" />
>
> - The application pool is using a domain account and this account is a
> member of IIS_WPG
> on the IIS server.
>
> Here is what is happenning:
>
> - When I use IE from the IIS server, I can access my web application no
> problem.
>
> - When I use IE from another server member of the same AD domain, I always
> get prompted to
> enter credentials. I'm logged on with the domain administrators on that
> other server. The
> only credentials that will allow me to use the web site are those that
> reside on the IIS
> server; <servername>\account. <domain>\account does not work.
>
> Anyone has a clue which turn I missed in the process?
.
- Prev by Date: Re: DateTime Not read Accurately in .Net
- Next by Date: Re: postback causes delay
- Previous by thread: Re: DateTime Not read Accurately in .Net
- Next by thread: Re: You are not authorized to view this page
- Index(es):
Relevant Pages
|
