Last post Aug 14, 2018 01:03 PM by DA924
Aug 14, 2018 11:57 AM|Shaghdari|LINK
I want to restrict access to my web application to a limited set of users. For this reason, I did the following:
1) In web.config file, I added this code:
<add key="UsersFullPermission" value="myUserName" />
2) In Default.aspx, I added the below line before Page_Load event:
string LoginUserName = HttpContext.Current.Request.LogonUserIdentity.Name.ToString().Split('\\');
3) Inside Page_Load event, I addded the below code:
It seems everything is working fine when I build the solution in localhost. However, when I published my solution and accessed it from the web browser, it took me directly to AccessDenied.aspx. Any explanation why this behavior occurred? Is it something
in my code or something in the web server that must change? Please advise.
Aug 14, 2018 01:03 PM|DA924|LINK
You are most likely using IIS Express locally that is not IIS. So you deploy to IIS where all ASP.NET Web programs run under the context of the ASP.NET Worker process WPW3.exe that is servicing the App Pool that is hosting the Web program. The App Pool
sets the credentials the ASP.NET Worker Process presents to access resources on the behalf of the Web program, which is getting the access denied.
You can push the ASP.NET Web project out to local IIS and debug it through VS and find out the credentials needed by the App Pool to access a given resource. Of course, the resource must allow the credentials presented to access the resource.
You should also look into ASP.NET Impersonation too.