Authentication on website application

Authentication on website application

Old forum URL: forums.lhotka.net/forums/t/4509.aspx


jfreeman posted on Monday, March 17, 2008

We have a website that is being built using CSLA and everything is working fine when it is ran on our development machines.  It also works fine when we move the site to a QA server and set it up as a virtual directory in IIS.  However, the admin wants to set it up as site instead of a virtual directory.  When we do that, we get errors on DataPortal.Fetch.  It says it is trying to use 'NT AUTHORITY\ANONYMOUS LOGON'.  Any ideas why it is trying to do this when it is an IIS site?  Thanks.

Jonathan

ajj3085 replied on Monday, March 17, 2008

Your vdir is configured to accept anonymous connections, and the application under which it is running isn't set to run under a specific account.

jfreeman replied on Wednesday, March 19, 2008

Maybe I'm missing something but I still cannot get the site to work.  It is setup in IIS as a site now not a vdir.  Where should I be looking to change the account it is running under?  thanks.

 

Jonathan

ajj3085 replied on Wednesday, March 19, 2008

Depends on the IIS version.  In 6 and above you change the identity of the application pool which your site application is using.  In IIS 5 there's a different place to set it, directly from the site properties page I think.

jfreeman replied on Wednesday, March 19, 2008

I am in IIS 6.  What identity should the App Pool be running under?  Right now, it is set to run NetworkService.

Thanks.

jfreeman replied on Wednesday, March 19, 2008

I was able to setup the App Pool to run under a local user account on that server.  The site is running but when I access the database, this is what I get in Event Viewer:

Process information:
    Process ID: 6368
    Process name: w3wp.exe
    Account name: PANDORA\AppDev

Exception information:
    Exception type: DataPortalException
    Exception message: DataPortal.Fetch failed (Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.)
 
Request information:
    Request URL: http://scorecard/Admin/KpiManagement.aspx
    Request path: /Admin/KpiManagement.aspx
    User host address: 10.10.2.100
    User: LBMCNET\10034
    Is authenticated: True
    Authentication Type: Negotiate
    Thread account name: PANDORA\AppDev

Whey would it be trying to Call Fetch using Anonymous Logon?  Thanks.

ajj3085 replied on Wednesday, March 19, 2008

Did you enable identity impersonate in the web.config file?

jfreeman replied on Wednesday, March 19, 2008

Yes, I have identity impersonate set to true.  Is there another setting I need to change?

Jonathan

Copyright (c) Marimer LLC