开发者

What is "pass-through authentication" in IIS 7? [closed]

Closed. This question is off-topic. It is not currently accepting answers.

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 11 years ago.

Improve this question

In IIS 7, after I specify the physical path for my website and click the "Test Settings" button, I get the following warning:

The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that<domain>\<computer_name>$has read access to the physical path. Then test these settings again.

So what is pass-through authentication? Literally, it should be pass some A through some B? So what are the A and B?

Also, I am actually using the built-in 开发者_StackOverflow中文版ApplicationPoolIdentity. Why can't IIS verify that this account has proper access rights to the physical path? Why do I need to verify it myself?


Normally, IIS would use the process identity (the user account it is running the worker process as) to access protected resources like file system or network.

With passthrough authentication, IIS will attempt to use the actual identity of the user when accessing protected resources.

If the user is not authenticated, IIS will use the application pool identity instead. If pool identity is set to NetworkService or LocalSystem, the actual Windows account used is the computer account.

The IIS warning you see is not an error, it's just a warning. The actual check will be performed at execution time, and if it fails, it'll show up in the log.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜