A
axford
Hello all,
Please help me with the following intranet security
problem:
I have set my IIS security to 'Windows Integrated' and
have NTFS security for the ASPNET account correct on all
web application folders. On one subfolder I want to
restrict access to administrators, managers and system. I
try this via NTFS.
In my web.config I have:
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization><allow users="*" /></authorization>
<customErrors mode="Off"></customErrors>
When I restrict the NTFS security on the subfolder to the
above mentioned groups the access denied error ("Failed
to start monitoring file changes.") occurs with stack
trace (only the end):
System.Web.HttpContext.GetCompleteConfigRecord(String
reqpath, IHttpMapPath configmap) +434
System.Web.HttpContext.GetCompleteConfig() +49
System.Web.HttpContext.GetConfig(String name) +195
System.Web.CustomErrors.GetSettings(HttpContext context,
Boolean canThrow) +20
System.Web.HttpResponse.ReportRuntimeError(Exception e,
Boolean canThrow) +40
This seems to indicate an error while parsing the config
file. However when I add 'everyone:Read and Execute'
access to the specified subfolder everything works
perfect. So it must be a security problem. Of course I am
using an account that belongs to one of the above
mentioned groups!
Also strange is that access denied refers
to 'c:\inetpub\wwwroot\MyApp\SpecialSubfolder\web.config'
while the only web.config I know of
is 'c:\inetpub\wwwroot\MyApp\web.config'.
I read several KB articles, but none of them looks
related to the specific stack trace above.
Can anybody solve this issue?
thx.
Please help me with the following intranet security
problem:
I have set my IIS security to 'Windows Integrated' and
have NTFS security for the ASPNET account correct on all
web application folders. On one subfolder I want to
restrict access to administrators, managers and system. I
try this via NTFS.
In my web.config I have:
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization><allow users="*" /></authorization>
<customErrors mode="Off"></customErrors>
When I restrict the NTFS security on the subfolder to the
above mentioned groups the access denied error ("Failed
to start monitoring file changes.") occurs with stack
trace (only the end):
System.Web.HttpContext.GetCompleteConfigRecord(String
reqpath, IHttpMapPath configmap) +434
System.Web.HttpContext.GetCompleteConfig() +49
System.Web.HttpContext.GetConfig(String name) +195
System.Web.CustomErrors.GetSettings(HttpContext context,
Boolean canThrow) +20
System.Web.HttpResponse.ReportRuntimeError(Exception e,
Boolean canThrow) +40
This seems to indicate an error while parsing the config
file. However when I add 'everyone:Read and Execute'
access to the specified subfolder everything works
perfect. So it must be a security problem. Of course I am
using an account that belongs to one of the above
mentioned groups!
Also strange is that access denied refers
to 'c:\inetpub\wwwroot\MyApp\SpecialSubfolder\web.config'
while the only web.config I know of
is 'c:\inetpub\wwwroot\MyApp\web.config'.
I read several KB articles, but none of them looks
related to the specific stack trace above.
Can anybody solve this issue?
thx.