Mindboogling security problems

  • Thread starter Thread starter Lloyd Sheen
  • Start date Start date
L

Lloyd Sheen

I need to add a login front end to an existing website. No big deal ????

VS 2005 / Vista / II7 / SQL Express

Well I go into the security and add a welcome page and a login page. Real
easy and the .Net Config tool allows the changing of security and creation
of users etc. Again real easy.

Tested in VS and all works. Close VS and attempt from the internet. I then
get "cannot open user default database. Login failed". I know I am using
correct userid / password.

What gives. So I go back to VS and all is good. Problem is that users
can't run from VS.

???

Lloyd Sheen
 
Sounds like asp.net runs as different accounts
(in the VS internal server and on the internet).

Save the following page to your application directory and run it,
both from inside VS 2005 and from the internet.

identity.aspx:
------------------
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>What account is ASP.NET running as ?</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
-----------

If that file returns different accounts depending on where it's run from,
adjust the access permissions accordingly.



Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
 
Juan T. Llibre said:
Sounds like asp.net runs as different accounts
(in the VS internal server and on the internet).

Save the following page to your application directory and run it,
both from inside VS 2005 and from the internet.

identity.aspx:
------------------
<%@ Page Language="VB" %>
<%@ Import NameSpace = System.Security.Principal %>
<script runat="server">
Sub Page_Load()
Dim tmp As String = WindowsIdentity.GetCurrent.Name()
Label1.Text = tmp
End Sub
</script>
<html>
<head>
<title>What account is ASP.NET running as ?</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:Label ID="Label1" Runat="server" Text="Label"></asp:Label>
</div>
</form>
</body>
</html>
-----------

If that file returns different accounts depending on where it's run from,
adjust the access permissions accordingly.



Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
Click to expand...
Thanks Juan,

I get different values as you suspected. I am in Vista with II7 and
have no idea how to change the access permissions.

Lloyd
 
re:
I get different values as you suspected.
Click to expand...

Yup, that seemed like a likely cause.

re:
I am in Vista with II7 and have no idea how to change the access permissions.
Click to expand...

I'm not using Vista, but the process should be similar to Windows XP or Windows Server:

You open the Windows Explorer ( it may have a different name in Vista )
and right-click the directory where the files are located in.

That will bring up a context menu from which you can select the security options.

From there, you should be able to add whichever account came up when
you ran the file from the internet, so you can give it at least read access.

Check it out. If you need additional help, post back.




Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
 
Back
Top