ApplicationPoolIdentity IIS 7, Asp.net Gotcha!!!!

Posted on July 16, 2009 | 6 Comments

 

What a waste of an hour…   I was running an asp.net mvc app  on my VMWare Fusion VM, with Windows 7 RC & IIS 7. When i kept getting this error:

System.Security.SecurityException: Request for the permission of type ‘System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089′ failed.

The thing that threw me off was that it only seemed to happen doing certain stuff, like the mvc future strongly typed links and html helper submits..

<% Html.SubmitImage(…..

Also if you search for posts/forums on it you;’ll bump into the UNC path issue, which again threw me a little.. “was it because of my VM, was iis seeing my C drive as a share?” crazy talk but still that’s the kind of shit that goes through your head when debugging these kinds of issues…

 

Anyways in the end it was the identity that the Application pool for my site was running under, funnily enough  called “ApplicationPoolIdentity”.

I changed it to network service and all is fine..

check out this post which covers the issue…

This entry was posted in Uncategorized. Bookmark the permalink.

6 Responses to ApplicationPoolIdentity IIS 7, Asp.net Gotcha!!!!

  1. Eric Duncan | August 13, 2009 at 7:02 AM | Reply

    Absolutely perfect! Took me about 15m until I found your blog post. Saved me the headache!

    Problem was, bing.com did not return any results. So, I resorted back to Google and that is what lead me to your blog post. Argh.

  2. Shukeri | October 1, 2009 at 11:10 AM | Reply

    Thanx… it really help me out…. it the same setting that should be done if in iis6.. but in iis7 i cannot find it at the first place since we already familiar with iis6

    i have already set it and it works!!! Thanx again for sharing ;)

  3. Matt Tew | December 24, 2009 at 12:10 AM | Reply

    Thanks. Went through the same thing. Glad you had an answer. I hate being protected from myself.

  4. Windows Web Server IIS7 | February 24, 2010 at 2:21 PM | Reply

    Nice work. What is “ApplicationPoolIdentity” anyway. Would this be used under any circumstances?

  5. IIS7 | March 8, 2010 at 12:26 PM | Reply

    Hi, I had the same problem but followd this advice and it works a treat.

    http://blogs.msdn.com/vijaysk/archive/2009/02/13/goodbye-network-service.aspx

  6. Brian Murphy-Booth | January 21, 2011 at 8:47 PM | Reply

    “ApplicationPoolIdentity” takes advantage of the new “service account” concept in Windows 2008. It creates a unique dynamically generated temporary user that is specific to that appPool. this is for security reasons so that an application running in one appPool can’t traverse the folders that belong to a different appPool.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s