MBI 3 Identity Matrix
March 19th, 2005
How useful is the ASP.Net identity matrix? I’ve queried it a lot…
I created the same matrix for MBI 3.
The scenario is a client calling MBI 3 through DispDirect which uses the WebService transport. IIS configurations below apply to the FwkWebServiceTransport virtual directory. The variable means:
- Command = cmd.User.Login
- Thread = System.Threading.Thread.CurrentPrincipal.Name
- WindowsIdentity = System.Principal.WindowsIdentity.GetCurrent().Name
These variables are queried in an MBI business action.
Note: whenever the Anonymous is checked, it will override any other checkbox (integrated, digest, etc.)
Note 2: NT AUTHORITY\NETWORK SERVICE is the user that runs the ASP.Net worker process in Windows 2003. For older versions is the MACHINE\ASPNET user.
| IIS anonymous | ||
| Principal sent via Dispatcher | Variable | Identity resutlant |
| WindowsPrincipal | Command | “” |
| Thread | “” | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| GenericPrincipal | Command | User provided in GenericIdentity |
| Thread | User provided in GenericIdentity | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| Nothing | Command | “” |
| Thread | “” | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| IIS integrated windows | ||
| Principal sent via Dispatcher | Variable | Identity resutlant |
| WindowsPrincipal | Command | Domain\UserName |
| Thread | Domain\UserName | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| GenericPrincipal | Command | User provided in GenericIdentity |
| Thread | User provided in GenericIdentity | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| Nothing | Command | “” |
| Thread | “” | |
| WindowsIdentity | NT AUTHORITY\NETWORK SERVICE | |
| IIS integrated and web.config with | ||
| Principal sent via Dispatcher | Variable | Identity resutlant |
| WindowsPrincipal | Command | Domain\UserName |
| Thread | Domain\UserName | |
| WindowsIdentity | Domain\UserName | |
| GenericPrincipal | Command | User provided in GenericIdentity |
| Thread | User provided in GenericIdentity | |
| WindowsIdentity | Domain\UserName | |
| Nothing | Command | “” |
| Thread | “” | |
| WindowsIdentity | Domain\UserName | |
Leave a Reply