The problem:
I want to have a (.NET 2.0) smart-client talking to an (IIS, ASP.NET 2.0)
web-server to consume web-services. The authentication on the web-service is
bespoke (I mention this just for completeness; essentially, the web-service
is running (in configuration terms, at least) as anonymous - which is *not*
to say that the methods can be called arbitrarily!).
Anyway... (back to the point): the web-service needs to call down to the
database, and I would like to do this using NT security to avoid having to
store SQL (etc) credentials somewhere like (gasp) web.config. I would also
like to be able to run multiple isolated versions of the site on the same
server (differentiatin g by IP, port or host-header; it makes no real
difference), so I don't really want to GAC it, as this may(?) make it harder
to separate the different sites for upgrade etc (in reality, I would quite
like to run isolated "dev" and "test" environments on the same box in
different sand-boxes, and perhaps run my live "intranet" and "extranet"
environments (which have similar sites but different configurations) on the
same hardware to help spread the (uneven) load).
So: where to set security? If I use SQL security, I need to store the SQL
password somewhere. I could use the IIS identity against the application,
but this then means that if the site was compromised, malicious code could
connect to the db directly (am I being overly paranoid? . I could use
programattic NT impersonation, but this a: might be slower, and b: means I
need to have access to a password within the application, and c: if my app
can get the credentials, then so presumably can the malicious code... so I'm
no better than just using IIS identity, but I've made life hard for myself
in the process...
So: where would *you* set the identity?
(Historically, I have used COM+ components written in VB (running in an
application with configured identity) to achieve the same, but this limits
me to one site = one machine; I'd quite like to break away from this
limitation with .NET web-services).
Thanks in advance,
Marc
1  1772  This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Phillip J. Eby |
last post by:
PEP: 333
Title: Python Web Server Gateway Interface v1.0
Version: $Revision: 1.1 $
Last-Modified: $Date: 2004/08/27 17:30:09 $
Author: Phillip J. Eby <pje at telecommunity.com>
Discussions-To: Python Web-SIG <web-sig at python.org>
Status: Draft
Type: Informational
Content-Type: text/x-rst
Created: 07-Dec-2003
|
by: Carlos G Benevides |
last post by:
I have a ASP.Net web application that has two assemblies that run
under com+. Under Windows 2000 the two assemblies are added to com+
automatically when instantiated from the web site. For this to happen
we had to change the context in which asp.net runs from machine to
SYSTEM by modifying the machine.config file. Under Windows 2003 no
matter how asp.net is set to run as either machine or system. I get
the following error:
...
|
by: Marina Anufreichik |
last post by:
Hi,
After deploymnet web application on web server I can access page on local
machine and login fine but when I'm trying to access web site from remote
machine I can see login page, but when I'm trying to login with correct
credentials it give me error:
Server Error in '/PDVMgr' Application.
----------------------------------------------------------------------------
|
by: Erick Lopez |
last post by:
When I send my web page to browser in ouput windows recibe this message
and the web page the error BC32400
Please Help me
Auto-attach to process ' aspnet_wp.exe' on machine 'TABLET' succeeded.
'DefaultDomain': Loaded 'c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll', No symbols loaded.
'DefaultDomain': Loaded 'c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll', No symbols loaded.
'DefaultDomain':...
|
by: Michael Herman \(Parallelspace\) |
last post by:
1. What are some compelling solutions for using Master/Content pages with
Web Pages?
2. If a content area has a web part zone with web parts, what is the user
experience like when "editting" the web part page? Does it take place at
the page level? ...or the content area level?
3. Where is the Web Part Manager instantiated? ...in the Master Page?
....Content Page? ...elsewhere?
| | |
by: Jonas |
last post by:
Hi.
I'm trying to develop a web custom control that uses a programmatically
created treeview.
My problem is that I get an exception when I try to render the control.
With properties do I have to assign to get this working.
Here is some sample code:
namespace WebControlLibrary1
{
|
by: job |
last post by:
In a sharepoint setup using smartpart to load our user controls using
enterprise blocks (data) we are getting some strange errors (logged to
the event log). We dont get the error all the time. When we get the
error CPU goes 100%
We have been through all we can think of, but have not been able to
locate the source to the error.
Any suggestions?
|
by: Carl Gilbert |
last post by:
Hi
I have implemented the ASP.NET Club Site Starter Kit on my 1&1 web
space.
I have recently been getting some errors where the page doesn't load
and just comes up blank. I have put a handler on Application_Error in
global.asax to email me whenever an error occurs. Sometimes I get upto
100 in an hour which is rather concerning.
I have looked at the error message returned but I can't seem to work
|
by: Tim Mackey |
last post by:
hi,
i have put my web.sitemap in /App_Data so i can edit it programatically via
a web admin page, inheriting the modify permissions from the App_Data folder
etc.
i was hoping the provider would simply persist any changes i made, but it
doesn't happen.
e.g. selected.ParentNode.ChildNodes.Remove(selected);
throws a NotSupportedException "Collection is read-only"
|
by: =?Utf-8?B?YW5vbg==?= |
last post by:
I am not sure if this is the right forum.
Environment : Windows server 2008, IIS 7.0
I get the 'Could not load the file or assembly 'blowery.web.httpCompress' or
one of its dependencies. The system cannot fond the file specified error.
When I comment out the line in the web config file, I get the error on the
line following that.
I have all the dll files in the bin folder.
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
