This code works fine when it is run from Cassini, but not when it is run from the server (running Windows2003 & IIS). When run from the server the page sits, with the progress bar increasing but never does anything (and doesn't throw an error).
What does Cassini do that is different from IIS that might be allowing the page to load? Is it an issue with authentication (ie Cassini uses the logged in windows account?) I notice that sometimes a box pops up to say that the odbc user is logged in and should
it restart, could it be that cassini runs in an interactive account, while ISS doesn't?
Cassini runs as the current logged on user (your NT credentials), but IIS runs web sites under the ASPNET account which may not have priviliges to access your database. So, if you have rights to the database but the machine ASPNET account does not, then
this database access will work under Cassini but not IIS.
You can use impersonation in your web config file so that the web site will make requests with specific user credentials: <identity impersonate="true" userName="ns130" password="123456" />
Another note. Your code above is a security risk. A malicious user could possibly inject code in 'Me.DropdownList1.SelectedValue', i.e. inject their own 'SelectedValue' and run their own SQL command on your database and possibly expose data.
-Dan
This posting is provided "AS IS" with no warranties, and confers no rights.
ns130
Member
10 Points
2 Posts
Cassini vs IIS - Cassini works, IIS doesn't!
May 03, 2005 12:32 PM|LINK
I have a webpage (ASP.NET, vb) which executes the following code when a button is clicked:
OdbcConnection1.Open()
odbccommand1.Connection = OdbcConnection1
OdbcCommand1.CommandType = CommandType.Text
odbccommand1.CommandText = "XXXXXXXXXX = '" & Me.DropDownList1.SelectedValue & "'"
monReader = odbccommand1.ExecuteReader()
DataGrid1.DataSource = monReader
DataGrid1.DataBind()
OdbcConnection1.Close()
This code works fine when it is run from Cassini, but not when it is run from the server (running Windows2003 & IIS). When run from the server the page sits, with the progress bar increasing but never does anything (and doesn't throw an error).
What does Cassini do that is different from IIS that might be allowing the page to load? Is it an issue with authentication (ie Cassini uses the logged in windows account?) I notice that sometimes a box pops up to say that the odbc user is logged in and should it restart, could it be that cassini runs in an interactive account, while ISS doesn't?
Any help would be gratefully received.
Many Thanks
danmor
Contributor
4590 Points
910 Posts
Microsoft
Re: Cassini vs IIS - Cassini works, IIS doesn't!
May 12, 2005 11:34 PM|LINK
Cassini runs as the current logged on user (your NT credentials), but IIS runs web sites under the ASPNET account which may not have priviliges to access your database. So, if you have rights to the database but the machine ASPNET account does not, then this database access will work under Cassini but not IIS.
You can use impersonation in your web config file so that the web site will make requests with specific user credentials: <identity impersonate="true" userName="ns130" password="123456" />
Another note. Your code above is a security risk. A malicious user could possibly inject code in 'Me.DropdownList1.SelectedValue', i.e. inject their own 'SelectedValue' and run their own SQL command on your database and possibly expose data.
This posting is provided "AS IS" with no warranties, and confers no rights.