Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Basic authentication and user access
Message
From
30/12/2016 04:03:28
Viv Phillips
Hay-On-Wye, United Kingdom
 
 
To
29/12/2016 15:28:45
Michel Fournier
Level Extreme Inc.
Petit-Rocher, New Brunswick, Canada
General information
Forum:
Microsoft IIS Server
Category:
Other
Title:
Re: Basic authentication and user access
Environment versions
OS:
Windows 8.1
Network:
Windows Server 2012
Database:
Visual FoxPro
Miscellaneous
Thread ID:
01646198
Message ID:
01646207
Views:
54
>I have been trying to figure this one out since about an hour. I enabled basic authentication on a directory. I removed anonymous. So, basically, when accessing something in that directory, the basic authentication is shown. I enter a valid username and password from the domain and it validates. However, I did not even give the access to that directory to the user, and after a valid login, we can proceed. I checked the directory permissions. Everything in there is locked. This is only administrators, system and things like that. So, what gives any user doing a login to proceed?

I think you are confusing authentication and authorization. Windows authentication is only going to check that the user has a valid windows account in the server - access is still determined by the App Pool account. You need to determine the actual user permissions yourself but how you do this depends on your needs. See this for the options :

https://msdn.microsoft.com/en-us/library/aa291540(v=vs.71).aspx
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform