Hi Rick,
>>
Hmmm... are you sure you're not getting the wrong credentials here? Unless you have Impersonation set for the ASPX page as well, the credentials will run under the default ASP.NET security account...
>>
Doesn't seem to work that way. If IIS Annon access is disabled the ASPX page seems to run using the windows identity passed from IIS regardless of the impersonate setting in the identity tag.
>>
Passing forward credentials like this is a scary thought because in some ways it allows for scenarios where you might loose control over who logs in where as the second login is indirect.
>>
I'm not clear about what you're saying here. Can you clarify...
My biggest obstacle to experimenting with this at the moment is the fact that when I set impersonate=true then a browser attempting to access any ASP.NET items in it's scope just hangs - no error, no timeout - just sits there indefinitely...
Regards,
Viv
Précédent
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement