Dominic Sévigny

ASP.NET, Ajax and Silverlight

Sponsors

News

Dominic Sévigny

View Dominic's profile on LinkedIn

Locations of visitors to this page

My certifications




Favorites Links

Token Cache with ASP.NET and Basic Authentication

If you develop an ASP.NET application that use Basic Authentication, take care to be sure to change the registry on your staging IIS server. What? Yes, If your application use role based security to securing your pages, adding a new security group to a Windows domain user don't automaticaly give access to theses pages.

Why? Because when you use Basic authentication, user tokens are cached in the token cache. By default, tokens remain in the cache for 15 minutes. If you log on using Basic authentication with an account that has a high level of user logon rights, a successful attacker could use the account to gain access to the resources on your computer.

The Microsoft article : http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true

For a production environment, 15 minutes is correct but when you are on the staging environment it's very frustrating to wait 15 minutes between each security test. You can change the TTL by modifying a key in the registry.

How to change the registry key (Search for UserTokenTTL at the bottom of the page) : http://wwwbeta.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/cf438d2c-f9c7-4351-bf56-d2ab950d7d6e.mspx?mfr=true

Thanks
Dominic 

 

Posted: Jan 04 2008, 03:05 PM by runatserver75 | with 18 comment(s)
Filed under: , , ,

Comments

Timberland boots outlet said:

These kind of post are always inspiring and I prefer to read quality content so I happy to find many good point here in the post.

# July 17, 2011 11:48 PM

Timberland boots outlet said:

These kind of post are always inspiring and I prefer to read quality content so I happy to find many good point here in the post.

# July 17, 2011 11:51 PM

wholesale jerseys said:

cool! that is really unique! i particularly like the colourful alleyway.

# July 19, 2011 2:31 AM

cheap gucci bags said:

you mean you don’t need a special tool? That’s refreshing! Thanks!

# July 21, 2011 5:28 AM

Monster beats studio said:

Do you have a spam problem on this site; I also am a blogger, and I was wanting to know your situation; many of us have created some nice practices and we are looking to swap solutions with others, be sure to shoot me an email if interested.

# July 21, 2011 10:20 PM

coogi clothing said:

Thanks a lot for enjoying this beauty article with me. I am enjoy it very much! <a href="www.coogi-store.com/" title="coogi clothing">coogi clothing</a>

# August 2, 2011 3:07 AM

baseball caps said:

I love your homepage, the way I love air. Ok just kidding but really good explanations though .

# August 10, 2011 5:16 AM

cheap Burberry outlet said:

I never thought of this angle regarding this subject. Great post. I will bookmark it straightaway.<a href="www.cheap-burberryoutlet.com/" title="cheap Burberry outlet">cheap Burberry outlet</a>

# August 11, 2011 8:21 PM

Moncler jackets outlet said:

Wonderful post. You have gained a new subscriber. Pleasee continue this great work and I look forward to more of your great blog posts.[url=www.greygoosejacketssale.com]goose down jackets[/url]

# August 11, 2011 8:49 PM

buy cheap sunglasses said:

I like this concept. I visited your blog for the first time and just been your fan. Keep posting as I am gonna come to read it everyday..

# August 16, 2011 2:34 AM

belstaff leather jackets said:

Thanks for another great post on this program. Love the updates, keep them coming.[url=www.belstaffleatherjacketsuk.com]belstaff leather jackets[/url]

# August 16, 2011 3:27 AM

North Face UK sale said:

You had fantastic good ideas here. I did a search on the subject and discovered almost all peoples will agree with your blog.<a href="www.northfaceuksales.com/" title="North Face UK sale">North Face UK sale</a>

# August 19, 2011 5:28 AM

canada goose sale said:

So fantastic artical, some your points are very useful to me. thanks for you sharings.

# August 20, 2011 5:07 AM

rtyecript said:

I really liked the article, and the very cool blog

# August 23, 2011 8:18 AM

Cheap Abercrombie and Fitch said:

I never thought of this angle regarding this subject. Great post. I will bookmark it straightaway.

# September 3, 2011 3:56 AM

Air Max store said:

Its a great start of the day with a website like this. very informative , im now one of the regular visitor of your web. Thanks.

# September 15, 2011 4:54 AM

Onitsuka Tiger California 78 Grey/Green said:

Asics Schuhe ist die beste Laufschuhe,Beste Verarbeitungen, hochwertige Materialen und ein unverwechselbares Design machen Asics Schuhe zum Liebhaber vieler Schuhfans, denn sie sind auch für den Alltag perfekt einsetzbar!

# November 5, 2011 3:20 AM

UGG Bailey Button said:

We've arrievd at the end of the line and I have what I need!

# December 1, 2011 3:30 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)