ASP.NET Profiling doesn't work with my security
mbell@openonline.com
Posts: 3
Hello,
I am trying to profile my web site with the 2.5 demo. I have a unsecured portion and a secured portion of the site. At this point I can only profile the few pages in the unsecured section.
When I attempt to login to the secured portion, I get security errors. During the login process, my website makes a call to web service A. Web service A then makes a call to web service B.
My web site passes credentials to web service A. Web service A runs in its own application pool which has the identity of a domain account. The domain account of web service A is automatically passed as credentials to web service B. It is at this point that the call fails with the error of: "Server was unable to process request. ---> System.Security.SecurityException: Request for principal permission failed."
All of this works as soon as I turn off Profiling.
I also see other Errors in the Event Log that only appear during Profiling.
CLR Error that appears:
"The description for Event ID ( 0 ) in Source ( CLR ) cannot be found. The local computer may not have the necessary registry information ..."
ASP.NET Error that appears:
"Unable to get the private bytes memory limit for the W3WP process. The ASP.NET cache will be unable to limit its memory use..."
Thanks for your help,
Marshall
I am trying to profile my web site with the 2.5 demo. I have a unsecured portion and a secured portion of the site. At this point I can only profile the few pages in the unsecured section.
When I attempt to login to the secured portion, I get security errors. During the login process, my website makes a call to web service A. Web service A then makes a call to web service B.
My web site passes credentials to web service A. Web service A runs in its own application pool which has the identity of a domain account. The domain account of web service A is automatically passed as credentials to web service B. It is at this point that the call fails with the error of: "Server was unable to process request. ---> System.Security.SecurityException: Request for principal permission failed."
All of this works as soon as I turn off Profiling.
I also see other Errors in the Event Log that only appear during Profiling.
CLR Error that appears:
"The description for Event ID ( 0 ) in Source ( CLR ) cannot be found. The local computer may not have the necessary registry information ..."
ASP.NET Error that appears:
"Unable to get the private bytes memory limit for the W3WP process. The ASP.NET cache will be unable to limit its memory use..."
Thanks for your help,
Marshall
Comments
If this is happening on IIS6, then you may want to wait about a week for the next version of Profiler. The current one does not respect IIS6 application pool security as it will run everything in the StandAloneAppPool using the LocalSystem account.
We will make an announcement in this forum when Profiler 2.6 is released. Thanks for your patience.
I am running IIS6 application pooling. Once Profiler 2.6 is released, will I be able to get a 14 day evaluation?
Marshall
Guaranteed!
Profiler 2.6 is out now, but there are some steps to follow to get ANTS Profiler to use the correct security account if your application pool normally runs as a named user rather than network service or local system accounts.