I wrote a small ASP page for my company for making employee request. I have a custom login page using the asp login control. The website works fine and authenticates users with no problem when I'm using it in development but when I place the website in IIS it denies everyone once they are logged in. I'm using the AzMan Role Provider and have it stored locally on the machine. Why does it work in development but not in IIS, I have the security set to low, allow scripts and executables, I chaned the Directory security with anonymous login using a Domain Admin account just see if that was the problem and it still doesn't work. Can someone please help.
6 6411
Definitely sounds like a permissions issue - so i think you're on the right track. Are you using asp.NET ? If so, try checking the user authentication in your web.config.
Also, what error does it give you?
Sincerely,
Mark
It's definitely a permissions issue and yes I'm using ASP.NET. If I set in the web.config file to impersonate and also assign it a username and password that is part of the Roles, it allows people to login but it also gives them full access to the site since the user that it is impersonating has full rights. Also I'm using Forms Authentication against Active Directory. This is the error I get when I take impersonation off Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) which I know is due to the fact that access to the website is denied but it gives it to everybody even the people that are supposed to have access. I know if you have impersonate on it will impersonate the anonymous user account which is not what I want. Is there a way to have ASP pull the username and password and then impersonate that user, if that makes any sense. I followed everything on setting up ASP to authenticate against Active Directory and using AzMan roles, works great in development but not in production. Wish there was a way to see what credentials it's using to validate against the roles. I appreciate any help. Thank you.
This forum is for classic asp so you'll find it difficult to get the help you need. I'm no expert in .net but I did some searching around regardless...
I found one resource that may help you http://forums.microsoft.com/MSDN/Sho...52850&SiteID=1
In the meantime, I'll contact a mod to have this thread moved to the .net forum where the resident experts there will be able to help you much more than we can.
Good luck!
Sincerely,
Mark
It's definitely a permissions issue and yes I'm using ASP.NET. If I set in the web.config file to impersonate and also assign it a username and password that is part of the Roles, it allows people to login but it also gives them full access to the site since the user that it is impersonating has full rights. Also I'm using Forms Authentication against Active Directory. This is the error I get when I take impersonation off Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) which I know is due to the fact that access to the website is denied but it gives it to everybody even the people that are supposed to have access. I know if you have impersonate on it will impersonate the anonymous user account which is not what I want. Is there a way to have ASP pull the username and password and then impersonate that user, if that makes any sense. I followed everything on setting up ASP to authenticate against Active Directory and using AzMan roles, works great in development but not in production. Wish there was a way to see what credentials it's using to validate against the roles. I appreciate any help. Thank you.
Okay I've been working on this issue some more. I moved the website to our web server that would be running the website. I can login with a user thats part of the domain admins group, and it authorizes the person with no problems, but if I use another user that should have the same access rights as the Domain Admins which is part of the Managers group in the AzMan xml file, it will fail with the same error above. Is there anyway to see what file it's trying to access that it's being denied access too. I look in the event log and it shows that it AUthenicated the user but when it tries to redirect to the default url after authentication it fails. I get an event code of 4011 which I've researched and can't find anything really specific to my problem. I also tried the DCOM fix as described earlier but it didn't change anything. I've posted the Exception that it throws below. Can someone please help. Thank you.
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))]
[TargetInvocationException: Exception has been thrown by the target of an invocation.]
System.RuntimeType.InvokeDispMethod(String name, BindingFlags invokeAttr, Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture, String[] namedParameters) +0
System.RuntimeType.InvokeMember(String name, BindingFlags bindingFlags, Binder binder, Object target, Object[] providedArgs, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParams) +436
System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder binder, Object target, Object[] args, CultureInfo culture) +31
System.Web.Security.AuthorizationStoreRoleProvider .CallMethod(Object objectToCallOn, String methodName, Object[] args) +178
System.Web.Security.AuthorizationStoreRoleProvider .GetClientContextFromName(String userName) +146
System.Web.Security.AuthorizationStoreRoleProvider .GetClientContext(String userName) +73
System.Web.Security.AuthorizationStoreRoleProvider .GetRolesForUserCore(String username) +54
System.Web.Security.AuthorizationStoreRoleProvider .GetRolesForUser(String username) +68
System.Web.Security.RolePrincipal.IsInRole(String role) +272
System.Web.Configuration.AuthorizationRule.IsTheUs erInAnyRole(StringCollection roles, IPrincipal principal) +120
System.Web.Configuration.AuthorizationRule.IsUserA llowed(IPrincipal user, String verb) +300
System.Web.Configuration.AuthorizationRuleCollecti on.IsUserAllowed(IPrincipal user, String verb) +191
System.Web.Security.UrlAuthorizationModule.OnEnter (Object source, EventArgs eventArgs) +2246676
System.Web.SyncEventExecutionStep.System.Web.HttpA pplication.IExecutionStep.Execute() +92
System.Web.HttpApplication.ExecuteStep(IExecutionS tep step, Boolean& completedSynchronously) +64
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.1433; ASP.NET Version:2.0.50727.1433
[quote=Sartuche24]Okay I've been working on this issue some more. I moved the website to our web server that would be running the website...
Sartuche,
I'm having this same problem. Were you able to find a solution?
Thanks,
Greg
Unfortunately I never found an answer to this, I asked around on several other forums to no avail. I developed a way of querying AD Groups and then using the ASPNET DB for roles, if a user is in a Specific groups they will be associated with certain roles that I have set aside and so far it's been working like a charm.
Sign in to post your reply or Sign up for a free account.
Similar topics |
by: php newbie |
last post by:
Hello,
I am trying to load a simple tab-delimited data file to SQL Server. I
created a format file to go with it, since the data file differs from
the destination table in number of columns.
...
|
by: Filipe Henriques |
last post by:
Hello,
I'm having some problems using the Report Manager, but I *really* need
to make a role assignment now. Can't wait to have the problem with
Report Manager solved.
So, I would like to make...
|
by: Hennie |
last post by:
Ho can I get the role of the user in a ASP.net 2.0 web application?
I am using AspNetSqlProvider to manage my membership. I can get the user by
using User.Identity.Name. What will the command be to...
|
by: jobi joy |
last post by:
Hi,
Has new ASP.NET contains all the features of IBM Tivoli Access Manager for
Role/Membership management? Please give an insight on this.
regards
jobi
|
by: John |
last post by:
Hi
This is my first time doing this. I have a typical sql server and vs2005/sql
express 2005 installation on C: drive. I have attached the web config file
that I am using.
I have the...
| |
by: bradgatewood |
last post by:
I am in the process of developing a highly customizable application and
I'm looking for a way to allow personalization by role. This is
different than shared scope in the fact that I want to allow...
|
by: CK |
last post by:
Does anyone have any experience with this? We have an exisitng sql database
with user and role info. I need to write a custom role provider to use this
data. Does anyone have any examples of this...
|
by: Tom Van den Brandt |
last post by:
Hi all!
I'm trying to implement a custom roleprovider in asp.net. The new
roleprovider works fine when I access it programmaticaly. However, it
doesn't seem to work with the standard controls....
|
by: Chris |
last post by:
Hi,
i defined a role ('manager') with one memberuser: Bob.
The website has a subdirectory called "allusers" which contains two pages:
allusers.aspx and manager.aspx.
The page allusers.aspx must...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |