Datasheet

After the application domain is up and running, ASP.NET performs a few last steps for the very first
request that is made to an application.
If you choose to run ASP.NET using local or domain accounts, make sure to run the aspnet_regiis utility with the -ga switch. Doing so will ensure that the necessary security rights have been granted and other setup tasks performed for these accounts to work properly.
Throughout all of the ASP.NET processing, the two most important security concepts to keep in mind are:
❑ ASP.NET configures and enforces an application domain CAS policy very early in the application domain’s lifecycle. This means any code you write and deploy will be subject to the restrictions defined in an ASP.NET trust policy.
❑ The security credential that is used during application domain startup and during the early parts of the first request is one of the following: process identity, application impersonation identity, or UNC identity. Developers should understand which one is selected because code that runs during Application_Start uses one of these three identities.
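The two points above can be checked from inside an application. The following is an added example, not code from the book: a Global.asax code-behind that records, during Application_Start, the trust level the CAS policy actually grants and the Windows account the startup code runs as. The class name Global and the application-state keys are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Principal;
using System.Web;

// Hypothetical Global.asax code-behind class; names and keys are illustrative.
public class Global : HttpApplication
{
    protected void Application_Start(object sender, EventArgs e)
    {
        // Record both values once so a diagnostics page can display them later.
        Application["TrustLevel"] = ProbeTrustLevel().ToString();
        Application["StartupIdentity"] = ReadStartupIdentity();
    }

    // Returns the highest ASP.NET trust level whose permission demand succeeds
    // under the CAS policy already applied to this application domain.
    private static AspNetHostingPermissionLevel ProbeTrustLevel()
    {
        AspNetHostingPermissionLevel[] levels = {
            AspNetHostingPermissionLevel.Unrestricted,
            AspNetHostingPermissionLevel.High,
            AspNetHostingPermissionLevel.Medium,
            AspNetHostingPermissionLevel.Low,
            AspNetHostingPermissionLevel.Minimal
        };
        foreach (AspNetHostingPermissionLevel level in levels)
        {
            try { new AspNetHostingPermission(level).Demand(); return level; }
            catch (SecurityException) { /* not granted, try the next lower level */ }
        }
        return AspNetHostingPermissionLevel.None;
    }

    // Returns the Windows account the startup code executes as: the process,
    // application impersonation, or UNC identity. Reading it needs a permission
    // that restrictive trust policies may withhold, so the failure is handled.
    private static string ReadStartupIdentity()
    {
        try { return WindowsIdentity.GetCurrent().Name; }
        catch (SecurityException) { return "(not readable at this trust level)"; }
    }
}
```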
The next chapter continues this discussion with a look at how the security context is set up for each individual request, as well as how the default handler mappings in ASP.NET provide security.
Initial Phases of a Web Request