IIS 7.5 Windows Authentication fails unless the code files are shared to end users
Question
I'm setting up a simple Classic ASP application, to read the user login using Windows Authentication, in IIS 7.5 on a Windows 2008 R2 Server. (The application is just one file and has this line - response.write(Request.ServerVariables("LOGON_USER")) )
But I'm unable to read the user's login information unless the code files (application directory) are given Read & Execution permissions to the specific person or 'Everyone'. If I remove 'Everyone' or the end user's Id, I'm prompted to a login pop-up which subsequently takes me to the 401 - Unauthorized error.
I've the following settings applied in the IIS…
Set the Application Pool's identity to 'ApplicationPoolIdentity'
Enabled Windows Authentication and disabled all other Authentications.
Moved 'NTLM' to top on the Providers under Windows Authentication.
Set the Impersonate User to False in CGI
Added 'IIS AppPool\\DefaultAppPool' to the Security properties of the application directory.
I'm confused why IIS 7.5 web applications with Windows Authentication needs end users or 'Everyone' to have read access to the code files.
Please suggest your views to resolve this problem and help me run this application without the folders being shared with the end users.
Thanks in advance,
Ashok
1 answers
solution1
1 2014-01-02 18:31:20
I gave a more detailed answer here , but in short there is another set of properties where you can specify the credentials IIS uses to authenticate to the file system, in no longer uses the app pool id. Look for Physical Path Credentials & Physical Path Credentials Logon Type
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.