IIS 6.0 and ASP.NET 2.0 Credentials–Part Two

The ASP.NET User Principal (HTTPContext.User) clearly depends upon the Authentication Mechanism that you selected in IIS 6.0 “Authenication Tab” and if you use Integrated Windows Authentication then it is dependant on the IIS impersonation token that get handed off in the extension control block via the ASP.NET 2.0 ISAPI API.   Part two of IIS 6.0 and…


IIS 6.0 and ASP.NET 2.0 Credentials

The one area that many developers do not have good grasp at is how Authentication tokens from IIS 6.0 is passed to ASP.NET 2.0 and how these tokens can subsequently be used for Authorization in an ASP.NET 2.0 Web Application. The one question that arises quite often is when I click on “Integrated Windows Authentication”…


New Security Blog dedicated to Canadian Developers

Wow, it has been a while since I did my last blog post.  It may look like I disappeared but I am still around and was just keeping a low profile for the summer months.  Based upon your feedback I have recently created a new blog, but this time, the blog will be dedicated 100%…