MSXML what security context is used?

From: rox.scott (anonymous_at_discussions.microsoft.com)
Date: 02/23/04

Next message: Adrian Forbes [ASP MVP]: "Re: Interface question"

Previous message: Chris Barber: "Re: Interface question"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 23 Feb 2004 10:36:06 -0800

If I create an MSXML4 object in an ASP page (set xmldoc = Server.CreateObject("Msxml2.DOMDocument.4.0"))
... and then apply an XSL style*** (xmldoc.transformNode(xsldoc))
... and then call a VB script function inside the style*** (<msxml:script>)
... and then create another object inside that style*** vb function (set myobj = CreateObject("myobj.myclass")),
under whose security context is myobj now running ??

On my server, all authenticated domain users have full registry access.
The web is authenticating every user (i.e. *not* anonymous) and then doing the above steps.
Except the object created in the last step is unable to read the registry -- an error occurs.
Note that this is completely sporadic behavior, that is only repeatable 1/1000 times.

Is this an issue related to Q317244 or Q318958 or Q328995 (ADO Objects in XSL Script Allows Cross Domain Access)??

Next message: Adrian Forbes [ASP MVP]: "Re: Interface question"

Previous message: Chris Barber: "Re: Interface question"
Messages sorted by: [ date ] [ thread ]