而占当用户浏览到ASP.NET网站使用? [英] Which account is used when a user navigates to a ASP.NET website?

查看:166
本文介绍了而占当用户浏览到ASP.NET网站使用?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

当用户浏览到一个ASP.NET网站,是冒充 ASPNET 帐户或IIS-指定的帐户>目录安全性 - >用于匿名帐户的用户访问(例如: IUSR_XXX

我的网站将文件写入到磁盘,我想知道其中的这些账户需要写访问该文件夹?此外,有人可以解释如何在web.config中关系的冒充元素融入这一切?

谢谢!

解决方案
  

如果启用模拟在ASP.NET应用程序,然后:

     
      
  • 如果匿名访问在IIS中启用,该请求被使用IUSER_机器名账户。
    •   
  • 如果匿名访问在IIS中禁用,请求使用验证用户的账户。
    •   
  • 在任一情况下,该帐户的权限在Windows的访问控制列表(ACL)的资源(多个),该用户请求被选中,和一个资源仅当它们存在下运行的帐户是有效的那的资源。
    •   
     

如果模拟被禁用在ASP.NET应用程序,然后:

     
      
  • 如果匿名访问在IIS中启用,请求使用系统级进程账户。
    •   
  • 如果匿名访问在IIS中禁用,请求使用验证用户的账户。
    •   
  • 在任一情况下,该帐户的权限在Windows ACL中被检查的资源(多个),该用户请求,并且如果该帐户它们
    一个资源仅可   运行下是有效的该资源。
    •   

来源:了解模拟在ASP.NET

When a user browses to a ASP.NET website, is the user impersonating the ASPNET account or the account specified in IIS->Directory Security->Account used for anonymous access (EX: IUSR_XXX)

My website writes files to the disk and I was wondering which of these accounts need write access to the folder? Also, can someone explain how the impersonate element in the web.config ties into all this?

Thanks!

解决方案

If impersonation is enabled in an ASP.NET application then:

  • If anonymous access is enabled in IIS, the request is made using the IUSR_machinename account.
  • If anonymous access is disabled in IIS, the request is made using the account of the authenticated user.
  • In either case, permissions for the account are checked in the Windows Access Control List (ACL) for the resource(s) that a user requests, and a resource is only available if the account they are running under is valid for that resource.

If impersonation is disabled in an ASP.NET application then:

  • If anonymous access is enabled in IIS, the request is made using the system-level process account.
  • If anonymous access is disabled in IIS, the request is made using the account of the authenticated user.
  • In either case, permissions for the account are checked in the Windows ACL for the resource(s) that a user requests, and a resource is only available if the account they are
    running under is valid for that resource.

Source: Understanding Impersonation in ASP.NET

这篇关于而占当用户浏览到ASP.NET网站使用?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
C#/.NET最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆