Authentication on website applicationAuthentication on website application
Old forum URL: forums.lhotka.net/forums/t/4509.aspx
jfreeman posted on Monday, March 17, 2008
We have a website that is being built using CSLA and everything is working fine when it is ran on our development machines. It also works fine when we move the site to a QA server and set it up as a virtual directory in IIS. However, the admin wants to set it up as site instead of a virtual directory. When we do that, we get errors on DataPortal.Fetch. It says it is trying to use 'NT AUTHORITY\ANONYMOUS LOGON'. Any ideas why it is trying to do this when it is an IIS site? Thanks.
Jonathan
ajj3085 replied on Monday, March 17, 2008
Your vdir is configured to accept anonymous connections, and the application under which it is running isn't set to run under a specific account.
jfreeman replied on Wednesday, March 19, 2008
Maybe I'm missing something but I still cannot get the site to work. It is setup in IIS as a site now not a vdir. Where should I be looking to change the account it is running under? thanks.
Jonathan
ajj3085 replied on Wednesday, March 19, 2008
Depends on the IIS version. In 6 and above you change the identity of the application pool which your site application is using. In IIS 5 there's a different place to set it, directly from the site properties page I think.
jfreeman replied on Wednesday, March 19, 2008
I am in IIS 6. What identity should the App Pool be running under? Right now, it is set to run NetworkService.
Thanks.
jfreeman replied on Wednesday, March 19, 2008
I was able to setup the App Pool to run under a local user account on that server. The site is running but when I access the database, this is what I get in Event Viewer:
Process information:
Process ID: 6368
Process name: w3wp.exe
Account name: PANDORA\AppDev
Exception information:
Exception type: DataPortalException
Exception message: DataPortal.Fetch failed (Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.)
Request information:
Request URL: http://scorecard/Admin/KpiManagement.aspx
Request path: /Admin/KpiManagement.aspx
User host address: 10.10.2.100
User: LBMCNET\10034
Is authenticated: True
Authentication Type: Negotiate
Thread account name: PANDORA\AppDev
Whey would it be trying to Call Fetch using Anonymous Logon? Thanks.
ajj3085 replied on Wednesday, March 19, 2008
Did you enable identity impersonate in the web.config file?
jfreeman replied on Wednesday, March 19, 2008
Yes, I have identity impersonate set to true. Is there another setting I need to change?
Jonathan
Copyright (c) Marimer LLC