Problem with Application Pool User-HELP

I am using (ASP.NET 2.0) .

I have created a virtual directory pointing to my website folder Everything
works fine. I created an Application Pool and assigned a Domain User to that
pool, I assigned application pool to my website( virtual Directory ).


I want to run this application under Application Pool user's account, but it
always performs operations under the user which is defined under Anonymous
account. Why So?


Just for testing my web.config file is as follow:












Also I am using following code to test it.
using System.Security.Principal;
....
WindowsIdentity id = WindowsIdentity.GetCurrent();
Response.Write("Windows Identity Check
");
Response.Write("Name: " + id.Name + "
");


Thanks
DNB

Re: Problem with Application Pool User-HELP

Hi,

If impersonation is enabled, and you access the website as an anonymous
user, it is expected that the thread is executed as the anonymous user
account.

You need to disable impersonation if you want to execute the code as the
user defined in application pool settings.

I hope you understand the security impacts of changing the application pool
identity, and that you set it to a user that does not have too many user
rights.

--
Regards,
Kristofer Gafvert
http://www.gafvert.info/iis/ - IIS Related Info


"DNB" skrev i meddelandet
news:eEFcAttUIHA.3400@TK2MSFTNGP03.phx.gbl...
>I am using (ASP.NET 2.0) .
>
> I have created a virtual directory pointing to my website folder
> Everything works fine. I created an Application Pool and assigned a Domain
> User to that pool, I assigned application pool to my website( virtual
> Directory ).
>
>
> I want to run this application under Application Pool user's account, but
> it always performs operations under the user which is defined under
> Anonymous account. Why So?
>
>
> Just for testing my web.config file is as follow:
>
>
>
>
>
>
>
>
>
>
>
>
> Also I am using following code to test it.
> using System.Security.Principal;
> ...
> WindowsIdentity id = WindowsIdentity.GetCurrent();
> Response.Write("Windows Identity Check
");
> Response.Write("Name: " + id.Name + "
");
>
>
> Thanks
> DNB
>

Re: Problem with Application Pool User-HELP

Thanks. It worked by disabling impersonation

--DNB

"Kristofer Gafvert" wrote in message
news:OB3hksuUIHA.6060@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> If impersonation is enabled, and you access the website as an anonymous
> user, it is expected that the thread is executed as the anonymous user
> account.
>
> You need to disable impersonation if you want to execute the code as the
> user defined in application pool settings.
>
> I hope you understand the security impacts of changing the application
> pool identity, and that you set it to a user that does not have too many
> user rights.
>
> --
> Regards,
> Kristofer Gafvert
> http://www.gafvert.info/iis/ - IIS Related Info
>
>
> "DNB" skrev i meddelandet
> news:eEFcAttUIHA.3400@TK2MSFTNGP03.phx.gbl...
>>I am using (ASP.NET 2.0) .
>>
>> I have created a virtual directory pointing to my website folder
>> Everything works fine. I created an Application Pool and assigned a
>> Domain User to that pool, I assigned application pool to my website(
>> virtual Directory ).
>>
>>
>> I want to run this application under Application Pool user's account, but
>> it always performs operations under the user which is defined under
>> Anonymous account. Why So?
>>
>>
>> Just for testing my web.config file is as follow:
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Also I am using following code to test it.
>> using System.Security.Principal;
>> ...
>> WindowsIdentity id = WindowsIdentity.GetCurrent();
>> Response.Write("Windows Identity Check
");
>> Response.Write("Name: " + id.Name + "
");
>>
>>
>> Thanks
>> DNB
>>
>