web.config and Anonymous Authentication problems ???

  • Thread starter Thread starter Chris
  • Start date Start date
C

Chris

Impossible to add control on WebForm

==> make sure path of project doesn't contain a '#'

*********************************************************************************************************************************
Is it possbile to create a webcontrols library ? (cfr. WinControls
library)


*********************************************************************************************************************************
Starting application opens several tab-pages with errors:

==> make sure not to include spaces in filenames

else, right-click on .aspx - file , select 'View in browser'

*********************************************************************************************************************************
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict/.......>

definitions prevents execution of JavaScript events ??

*********************************************************************************************************************************
Debugging Javascript in IE:
1. enable debugging in IE: go to Tools > Internet Options > Advanced,
and make sure “Disable Script Debugging (Internet Explorer)” is
unchecked

2. in VS: set breakpoint --> start debug (make sure page in viewed in
IE)

Debugging Javascript in FF:
- install FireBug Add-On

*********************************************************************************************************************************
lifetime of Session and Application:

Hello.

Lifetime of Session-data is specified in web.config.

But what about Application-data?

I have a little testWebApp in which Session-timeout is set to 1 minute

Application["AppData"] = 1;
Session["SessionData"] = 2;

lblAppData.Text = Application["AppData"] != null ?
Application["AppData"]: "Expired"
lblSessionData.Text = Session["SessionData"] != null ?
Session["SessionData"]: "Expired"

refreshing the page after more than 1 minute displays "Expired" for
Session but keeps on showing the Application-data.

So, what determines the lifetime of Application-data?

thx
Chris

Application data only expires if IIS is restarted, or the application
pool it's hosted in is recycled. This can happen if the website is not
accessed for a long time, or if a worker process crashes or is recycled
by IIS due to it using too much RAM. Application variables should not be
treated as a permanent data store and your application should be able to
cope with the Application variables disappearing at any time.

*********************************************************************************************************************************
Hi.

I'm experimenting with authentication in web.config and IIS 7.0 and
have 2 questions:

1. using <identity impersonate="false" /> or <identity
impersonate="true" />
--> no difference in Authentication behaviour

2. In IIS 7.0, whether I enable or disable Anonymous
Authentication, there's no difference either
--> so, what is it for then in IIS?

======================================================================
Here's my setup for the first question: I just have one webfom1.aspx
having as only relevant code

protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
lblAuthentication.Text = "Authenticated user: " +
User.Identity.Name;
else
lblAuthentication.Text = "User was not authenticated.
Anonymous access ";

lblWindowsIdentity.Text = "Windows identity: " +
WindowsIdentity.GetCurrent().Name;
} // Page_Load()

-----------------------------------------------------------------------------------------------------------------------------------------------
Scenario1.1:
- IIS 7.0: Anonymous Authentication: enabled
- web.config:
<authentication mode="None" />
<identity impersonate="false" />

I get following output
User was not authenticated. Anonymous access
Windows identity: MyPC\MyAdminName

Scenario1.2:
- IIS 7.0: Anonymous Authentication: enabled
- web.config:
<authentication mode="None" />
<identity impersonate="true" />

I get the SAME output as in scenario 1.2

In IIS 6.0, there was a difference.
With <identity impersonate="false" /> user was ASPNET
With <identity impersonate="true" /> user was
IUSR_something
-----------------------------------------------------------------------------------------------------------------------------------------------
Scenario1.3:
- IIS 7.0: Anonymous Authentication: enabled
- web.config:
<authentication mode="Windows" />
<identity impersonate="false" />

I get following output
Authenticated user: MyPC\MyAdminName
Windows identity: MyPC\MyAdminName

Scenario1.4:
- IIS 7.0: Anonymous Authentication: enabled
- web.config:
<authentication mode="Windows" />
<identity impersonate="true" />

I get the SAME output as in scenario 1.3

Repeating my 1st question: in IIS 7.0, what does impersonate do
anyway ?

======================================================================
Second question:
Scenarios are similar to above ones except that this time
- IIS 7.0: Anonymous Authentication: disabled

I don't have to write down the outputs because they are exactly the
same as those in each respective scenario above.

In other words in IIS 7.0, whether I enable or disable Anonymous
Authentication , there's no difference at all

Repeating my 2nd question: in IIS 7, what is Anonymous Authentication
for ?
======================================================================

help greatly appreciated

Chris
 
Back
Top