impersonate

X

xiaohang zhu

Hi all,
I create a aspnet web app for my company. I set it up on a win2000
server with IIS5 as a intranet app. For security, I want to restrict
the write permission only to a specified group. To do this, I tried to
set up this way. First, I set iis to use Integrated authentication,
anonymous access is disabled. Second, I modified machine.config. I
modified the <identity impersonate="true" />. I check that
<authentication mode="Windows" />. By set these two setting, I think
that's enough. To make things simple, I don't have any web.config
files. But things get really strange. I'm denied to access my pages,
it says I don't have permission to access. But I have added all domain
users to have access to these pages. The other strange thing is if I
add the aspnet account to the folder ACL, then everybody can access
pages. It seems that all the access is controled by the aspnet
account. But I do set the impersonate="true", why it still acting like
false.
Hope you understand what I'm talking about and give me some ideas.

Thanks

Jerry
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,710
Latest member
bernietqt

Latest Threads

Top