D
donet programmer
I have created web service application in .net 2.0 with IIS set to
disable anonymous access and use windows integrated authentication. My
web.config is set as below
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
When I try to access this web service from my domain account, I can
successfully call web methods. Whereas through my local account, I get
an error saying access denied for user (null).
I thought if I create a web application with same settings I will get
same behavior. But I was wrong when I use my local account I can still
access webforms and LOGON_USER server variable is set to my local
machine name\username.
I am really confused, why does this setting work for web services but
not for web applications. Any ideas would be appreciated.
Thank you.
disable anonymous access and use windows integrated authentication. My
web.config is set as below
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
When I try to access this web service from my domain account, I can
successfully call web methods. Whereas through my local account, I get
an error saying access denied for user (null).
I thought if I create a web application with same settings I will get
same behavior. But I was wrong when I use my local account I can still
access webforms and LOGON_USER server variable is set to my local
machine name\username.
I am really confused, why does this setting work for web services but
not for web applications. Any ideas would be appreciated.
Thank you.