David
Sat Nov 25 19:44:51 CST 2006
In a client-server scenario, the user account used to invoke an ASP
page on the server is unrelated to how/where/who you invoke it.
Localhost, user with administrator privileges, etc makes no difference.
Another way to think about it -- just because you are a user with
administrator privileges on your machine, does it mean that when
browsing an ASP page on microsoft.com, you are an administrator on
microsoft.com and can write files to that website?
Please read this URL on how IIS decides the user account which runs an
ASP page:
http://blogs.msdn.com/david.wang/archive/2005/06/29/IIS_User_Identity_to_Run_Code_Part_2.aspx
First decision you have to make is Authentication Protocol. Do you want
to use:
- Anonymous Authentication, which forces everyone to automatically run
as the same user identity on the server to invoke the ASP page.
- Any other Authentication protocol, which forces everyone to login as
any valid NT user identity on the server to invoke the ASP page
Then you have to decide on the folders you want the user identity
obtained through Authentication to access, and with what authorized
privileges.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
Dennis Milns wrote:
> Thank you for your response - how do I get the user account under which asp
> runs to have the right privileges? I am invoking the asp as a localhost
> webpage from a user with administrator privileges. I have heard of a nt
> service? user but do not have one set up - should I?
> --
> Thanks
> Dennis
>
>
> "David Wang" wrote:
>
> > You can do what you want with ASP and FileSystemObject and a user
> > account with sufficient privileges to access the folders. The fact that
> > a folder is hidden is irrelevant to FileSystemObject - it can still
> > navigate it.
> >
> > Of course, there are other approaches as well. If you want to use
> > ASP.Net to do this (which has the same exact set of details and
> > complexities as ASP), then you should just install .Net Framework. You
> > do not need to run aspnet_regiis at any time.
> >
> > FYI: There is no such thing as a "browser session" nor "temp user
> > account for the duration of the browser session" on IIS. IIS executes
> > all code with a known authenticated user principle, either hard-wired
> > to server-configuration or obtained from an Authentication protocol. An
> > application only assumes that it can do its tasks given the correct
> > user identity and system-wide ACL. It is the server's configuration
> > that determines the user identity and system-wide ACL.
> >
> > Thus, you are confusing the application's task (choice of ASP/ASP.Net)
> > and system/server configuration of user identity and system-wide ACL.
> >
> >
> >
> > //David
> >
http://w3-4u.blogspot.com
> >
http://blogs.msdn.com/David.Wang
> > //
> >
> >
> > Dennis Milns wrote:
> > > Update: Browsing elsewhere I see something about running aspnet_regiis - how
> > > do I do this - must I install asp.net - is so what do I need
> > > --
> > > Thanks
> > > Dennis
> > >
> > >
> > > "Dennis Milns" wrote:
> > >
> > > > Using asp and running localhost is there any way of setting up the session so
> > > > that I can read/write files which are in a folder off a hidden folder. I
> > > > understand the basic reason I haven't been able is because the server sets up
> > > > a temp 'user account' for the duration of the browser session. Can I give
> > > > this account the permissions to access such files.
> > > > Thanks
> > > > Dennis
> >
> >