ASP.NET Profiling doesn't work with my security

Hello,

I am trying to profile my web site with the 2.5 demo. I have a unsecured portion and a secured portion of the site. At this point I can only profile the few pages in the unsecured section.

When I attempt to login to the secured portion, I get security errors. During the login process, my website makes a call to web service A. Web service A then makes a call to web service B.

My web site passes credentials to web service A. Web service A runs in its own application pool which has the identity of a domain account. The domain account of web service A is automatically passed as credentials to web service B. It is at this point that the call fails with the error of: "Server was unable to process request. ---> System.Security.SecurityException: Request for principal permission failed."

All of this works as soon as I turn off Profiling.

I also see other Errors in the Event Log that only appear during Profiling.

CLR Error that appears:
"The description for Event ID ( 0 ) in Source ( CLR ) cannot be found. The local computer may not have the necessary registry information ..."

ASP.NET Error that appears:
"Unable to get the private bytes memory limit for the W3WP process. The ASP.NET cache will be unable to limit its memory use..."

Thanks for your help,

Marshall

Comments

  • Brian DonahueBrian Donahue Posts: 6,590 Bronze 1
    Hello Marshall,

    If this is happening on IIS6, then you may want to wait about a week for the next version of Profiler. The current one does not respect IIS6 application pool security as it will run everything in the StandAloneAppPool using the LocalSystem account.

    We will make an announcement in this forum when Profiler 2.6 is released. Thanks for your patience.
  • Thanks Brian,

    I am running IIS6 application pooling. Once Profiler 2.6 is released, will I be able to get a 14 day evaluation?

    Marshall
  • Brian DonahueBrian Donahue Posts: 6,590 Bronze 1
    Hello Marshall,

    Guaranteed!
  • Brian DonahueBrian Donahue Posts: 6,590 Bronze 1
    Hi,

    Profiler 2.6 is out now, but there are some steps to follow to get ANTS Profiler to use the correct security account if your application pool normally runs as a named user rather than network service or local system accounts.
    • Change your application pool to use the Network Service account to suppress the error message from ANTS Profiler
    • Go to Administrative Tools->Services and change the ANTS Profiler Service Log on to the Windows account that you want the application pool to run as.
    • Stop and start the ANTS Profiler Service
    • Use ANTS Profiler to profile the web application
Sign In or Register to comment.