Wednesday, November 26, 2008

IIS ASP.Net - What identity is your page running in?

There are at least three identities that I know of when you run an ASP.Net page on an IIS server. They are:

  1. At the page level: Page.User.Identity

  2. At the thread level: System.Threading.Thread.CurrentPrincipal.Identity

  3. At the process level: System.Security.Principal.WindowsIdentity.GetCurrent()


Then there are authentication and impersonation modes to set. In Vista, the Computer Management configuration is not as neat as XP or Server 2003, as follows:


Click to see details


The different identities have values as follows (the IIS server is mozart and the web browser user is UserA):


































Authentication ModeASP.Net ImpersonationProcessThreadPage
AnonymousFalseNT AUTHORITY\
NETWORK SERVICE
--
AnonymousTrueNT AUTHORITY\IUSR--
WindowsFalseNT AUTHORITY\
NETWORK SERVICE
mozart\UserAmozart\UserA
WindowsTruemozart\UserAmozart\UserAmozart\UserA



References:


No comments: