Authorizing Anonymous User - IIS6/.NET

when you start a thread in NT, it runs under the context (user) of the
originating process, not thread. this means if you create a thread, it will
be the user that asp.net process is running under. you have two options:

1) change the asp.net machine account to your anonymous account.
2) have the thread login as the anonymous account at startup.

-- bruce (sqlwork.com)

"Kevin Hoskins" <jh******@ichips.no.intel.spam.com.me> wrote in message
news:cl**********@news01.intel.com...

Is there anyway to force authentication of the Anonymous user?

Here is the situation:
I have an ASP.NET page which calls an assembly which requires a certain
level of permissions. The page is running in a virtual server whose
anonymous user is a network account with the required permissions. This
allows anyone to view the page and see the data. This is working great,
however, due to what is being returned, the page load time is longer than
what I want the user to have to wait for.

I moved the process to a seperate thread in order to return the page to the user right away. Where the process was working great when run in the same
thread, it fails to work in the 2nd thread. Somehow the single thread is
authenticating the anonymous user to run the process, but when spun to a
different thread which should have the same permissions as the parent, it is not authorizing.

Any suggestions on how to get the thread to use the credentials of the
parent?

Option #1 requires that the password is in cleartext in the xml - that is
not acceptable here.
Option #2 was the route that I went using the network account as the
anonymous user.

As of about 15 minutes ago, I solved my problem. In hopes that this will
help someone else, here is the solution:

My original code was using the current thread's principal to set the
WindowsPrincipal. By switching this around to get the WindowsPrincipal and
use that to set the thread's principal, the authentication started to work.
Original Code:
_winPrincipal =(WindowsPrincipal) Thread.CurrentPrincipal;
_winIdentity = (WindowsIdentity) _winPrincipal.Identity;

Working Code:
_winIdentity = WindowsIdentity.GetCurrent();
_winPrincipal = new WindowsPrincipal(_winIdentity);

Virtual Directory: Anonymous access only using user account with network
access
Web.config: authentication mode: Windows
impersonation: false
"bruce barker" <no***********@safeco.com> wrote in message
news:eL**************@TK2MSFTNGP15.phx.gbl...

when you start a thread in NT, it runs under the context (user) of the
originating process, not thread. this means if you create a thread, it will be the user that asp.net process is running under. you have two options:

1) change the asp.net machine account to your anonymous account.
2) have the thread login as the anonymous account at startup.

-- bruce (sqlwork.com)

"Kevin Hoskins" <jh******@ichips.no.intel.spam.com.me> wrote in message
news:cl**********@news01.intel.com...

Is there anyway to force authentication of the Anonymous user?

Here is the situation:
I have an ASP.NET page which calls an assembly which requires a certain
level of permissions. The page is running in a virtual server whose
anonymous user is a network account with the required permissions. This
allows anyone to view the page and see the data. This is working great,
however, due to what is being returned, the page load time is longer than what I want the user to have to wait for.

I moved the process to a seperate thread in order to return the page to the

user right away. Where the process was working great when run in the same thread, it fails to work in the 2nd thread. Somehow the single thread is authenticating the anonymous user to run the process, but when spun to a
different thread which should have the same permissions as the parent,

it is

not authorizing.

Any suggestions on how to get the thread to use the credentials of the
parent?