I've got windows authentication enabled on an ASP page so that I can grab the current user's username. This forces the ASP page to run as that user. I want to lock some files down that are currently being accessed by that page. Is there a way to have Windows Authentication enabled and still run the page under the account that IIS is running as?
Asked
Active
Viewed 767 times
0
-
What do you mean by lock down? What happens when you try this? Are you getting an error? – lod3n Sep 29 '09 at 00:51
-
Let's say I have files located in /application/datastore/ and I have a page that needs to touch those files. Currently the files need to have ntfs permissions set so that they are readable by the users that are visiting the site. I want the files to be readable only by the IIS account. This would be the behavior normally, but I have integrated windows authentication enabled, so the pages are being executed as the user. I can't change this as I need their credentials for access controls in the page. – bshacklett Oct 01 '09 at 21:00
1 Answers
0
In the end, I'm just going to be migrating this to ASP.net. There is an article at Microsoft regarding impersonation at http://support.microsoft.com/kb/248187. They have code on that page for a library called LoginAdmin.dll which has a RevertToSelf function that brings the security context back to that of the account running IIS. This can be done much more easily in ASP.net.
bshacklett
- 1,802
- 5
- 23
- 45