How do I use File Authorization in ASP.NET 2.0?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman

Answer

Configure the access control lists (ACLs) for the right identities to have appropriate permissions on your ASP.NET files. The FileAuthorizationModule automatically performs access checks against the requested file. FileAuthorizationModule only works if your application is configured to use Windows authentication. The identities that you need to consider for file authorization are

  • Your Web application identity. If you are using a custom service account to run your ASP.NET application, you can grant the appropriate permissions to the IIS metabase and to the file system by running Aspnet_regiis.exe with the –ga switch.
  • Your application's users. ASP.NET file authorization performs access checks for file types mapped by IIS to the ASP.NET ISAPI extension (Aspnet_isapi.dll). If you are using Windows authentication, the authenticated user's Windows access token (which may be IUSR_MACHINE for anonymous users) is checked against the ACL attached to the requested ASP.NET file.

Note. File Authorization works automatically when using Windows Authentication; Impersonation is not required.

Personal tools