If you run your application or deploy it to a new machine and do not see any pages displayed, or see pages displayed, but no data displayed on the pages, then most likely your application’s security settings are not configured appropriately.
Every Microsoft .NET application runs under the credentials of a specific user. The specific user under which it is running determines which resources the application can access, including web pages, temporary files, and databases. There are two factors that determine which user your application is running under.
1. Virtual Directory Security Settings: The virtual directory can be set up to Allow Anonymous Access. If Allow Anonymous Access is selected, then you must specify a user account and password. The application will run under this user account specified and all resources will be accessed as this user. By default, Iron Speed Designer creates the virtual directory where No Anonymous Access is selected.
2. Impersonation: The impersonation settings are only used if No Anonymous Access is specified in the Virtual Directory Security Settings. Impersonation means that the application runs based on the credentials of the user connecting to the application. The application’s resources are available based on which user is connecting to the server. The impersonation setting is specified in your application’s Web.config file and by default is set to True in applications created with Iron Speed Designer.
|
Impersonation = True |
Impersonation = False |
No Anonymous Access (default for development systems) |
Application runs under the user connecting to the application. Each user will have their own access; some users may not have any access to the application or to the database. This is a reasonable solution during development of your application. |
There is no user account specified for your application, and the application cannot impersonate any user. Most likely your application will not be able to run or connect to your database. |
Allow Anonymous Access (ideal for production systems) |
Impersonation setting has no effect. Application runs under the user account specified for Anonymous Access. Every user will have the same access to all resources including database. This is the preferred solution when you deploy your application into production. |
Impersonation setting has no effect. Application runs under the user account specified for Anonymous Access. All users have same access to all resources including database. |
|
No Anonymous Access; |
No Anonymous Access; |
Allow Anonymous Access; Impersonate = True or False |
|
Default development configuration |
|
Preferred production configuration |
Access to Application Files |
|||
Application Folder |
Page will be displayed if end user’s Windows credentials have read/write access to folder |
Application will not run |
Configured user must have read/write access to the Application folder |
Microsoft .NET Folder |
Page will be displayed if end user’s Windows credentials have read/write access to folder |
Application will not run |
Configured user must have read/write access to the folder |
Access to Database Servers or Database Files |
|||
Microsoft Access Database |
Data will be displayed if end user’s Windows credentials have access to database file and folder |
Application will not run |
Configured user must have read/write access to the database file and the folder containing the file |
Microsoft SQL Server Database on Same Server; |
Data will be displayed if end user’s Windows credentials have access to database |
Application will not run |
Configured user must have an account in Microsoft SQL Server Enterprise Manager |
Microsoft SQL Server Database on Different Server; |
No data will be displayed |
Application will not run |
Configured user must have an account in Microsoft SQL Server Enterprise Manager |
Microsoft SQL Server Database on any Server; |
Page will be displayed if end user’s Windows credentials have access to Application folder |
Application will not run |
SQL Server user must have account in Microsoft SQL Server Enterprise Manager |
Oracle Database |
Page will be displayed if end user’s Windows credentials have access to Application folder |
Application will not run |
Oracle user must have account in Oracle Enterprise Manager |
No Anonymous Access (Recommended for Development Environment)
Allow Anonymous Access (Recommended for Production Environment)