IIS
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsSystem AdministrationIIS
Reload this Page

Problems with IIS security and user accounts

Discuss Problems with IIS security and user accounts in the IIS forum on Dev Shed.
Problems with IIS security and user accounts IIS forum discussing Microsoft's Internet Information Server including its configuration, optimization and other related topics. IIS is the most popular web server for the Windows platform.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old July 15th, 2008, 08:15 AM
capandysoft capandysoft is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jul 2008
Posts: 1 capandysoft User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 3 m 38 sec
Reputation Power: 0
Problems with IIS security and user accounts
Hello all,


Were trying to set up a security layer for an application weve built at the moment. Its configured to call a set of web services that we have created  the web services build a response from a set of files, and then send an attachment back to our application which then displays it. We would like to use IIS and Windows security settings to satisfy the authentication requirements, but it is proving to be a tad more difficult than we thought.

Basically, we set up (to test this) two separate Virtual Directories in IIS, both with the same permission levels, and also set up two users to be used for the anonymous access  for simplicity sake, lets call the virtual directories v1 and v2, and the users u1 and u2. v1 anonymous access is under u1, and v2 is run under u2. Access to these virtual directories will be controlled by a service so only valid users can access v1 and these users cannot access v2 and vice versa. v1 & v2 call the same web service which runs under Integrated Windows Authentication and we want the credentials for the anonymous users u1 & u2 to be passed through to the web services from v1 & v2.

The assumption we are working under is that because the web service is running under Integrated Windows Authentication the web service accessed by user u1 should be able to access files u1 has permissions to and the application would proceed. However, if user u2 attempted to access the same files, an error would be thrown and the application would fail.

We've changed the web configs for v1, v2 and the web services so they're using Windows Authentication.

As it stands at the moment we are getting a 401.2 error returned when v1 or v2 tries to access the web services and due to logging we have in place for the web services we can see that the call isn't getting through at all to them.

We really want to be able to do this using existing Windows security and authentication features as we ideally do not want to have to use impersonation or change code to control the access and user authentication.

Any suggestions would be appreciated.

Cheers
Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationIIS > Problems with IIS security and user accounts

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway
Stay green...Green IT