How is authentication/security managed in UltiDev Cassini - Cassini Feedback and Questions

Welcome Guest! To enable all features please Login or Register.

Notification

Error

UltiDev Forum » UltiDev Cassini Web Server for ASP.NET » Cassini Feedback and Questions » How is authentication/security managed in UltiDev Cassini

How is authentication/security managed in UltiDev Cassini

Options

Previous Topic Next Topic

graham		#1 Posted : Tuesday, January 16, 2007 11:17:24 PM(UTC)
Groups: Member Joined: 1/16/2007(UTC) Posts: 1 Location: Stafford UK		I have great trouble setting up IIS security for anon Internet users - takes ages and often database ends up readonly - I can't nail what it is, whats different on deployment sites from my own in house development server. I have been give the tip to find the 'ASPNET' user and grant rights to him/her. How does UC handle permissions and authenticate access on a windows server 2003 box? Any tips for IIS also welcome. If this process(deploying web apps on internet or mostly users servers with fixed IP) does not get any easier and UC works well I will swap over or at least have UC as another option to get my web apps going.
Back to top		WWW

User Profile View All Posts by User View Thanks

Ultidev Team		#2 Posted : Wednesday, January 17, 2007 5:36:18 AM(UTC)
Groups: Administration Joined: 11/3/2005(UTC) Posts: 2,253 Thanks: 28 times Was thanked: 60 time(s) in 59 post(s)		Hi! You are less likely to encounter security issues when connecting your ASP.NET apps to the database under UltiDev Cassini, because it runs under powerful Local System (NT AUTHORITY\SYSTEM) account. On the flip side, exposing Cassini applications to Internet is more dangerous compared to IIS running under Network Service account because if the application under Local System is hacked the attacker will be able to do a lot of damage to the system. To address your issue you may consider using SQL authentication instead of integrated auth, or alternatively, you may create a domain user account (with access rights similar to Network Service) specifically for your application, and grant proper DB access rights in SQL Server. Integrated auth can get tricky when SQL DB and the application are either on different domains or in the workgroup instead of domain. In that case SQL auth would be easier to implement. Best regards, UltiDev Team. Please donate at http://www.ultidev.com/products/Donate.aspx to help us improve our products.
Back to top		WWW

User Profile View All Posts by User View Thanks

Guest		#3 Posted : Tuesday, March 8, 2016 3:07:00 AM(UTC)
Groups:		Message was deleted by a Moderator.
Back to top		\| Reason

Rss Feed

Atom Feed

Users browsing this topic
Guest

UltiDev Forum » UltiDev Cassini Web Server for ASP.NET » Cassini Feedback and Questions » How is authentication/security managed in UltiDev Cassini

Forum Jump

You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You can vote in polls in this forum.