Permissions on the API folder
What permissions are suggested to have on the api folder?
We are having issues, where no matter what auth credentials we provide, with windows auth on or off, the webservice always creates tickets
By default we have the "everyone" group , the network service and the "users" (for the servers' users)
Thanks
dcadenas
· 1 |
|
Friday, June 18, 2010, 11:40:07 PM |
0
|
Not sure I understand. How are you creating issues? |
||||
|
0
|
Hello Mark, I will be following up for Diego on this issue. We have recently upgraded from using: Gemini Web Application: v3.5.4 (Build 2435) WebService DLLs: v3.6.4 (Build 2630) TO: Gemini Web Application: v3.7.0 (Build 2711) WebService DLLs: v3.7.0 (Build 2711) This was installed on a different (new) server and the database was copied over. Permissions are as follows: NETWORK SERVICE - All Allow (Less Full Control) Local Admin Group - All Allow Everyone - All Allow Internet Guest Account (account used for Anon access) - Read & Execute, List Folder Contents, and Read Allow Local Power Users - All Allow (Less Full Control) System - All Allow Terminal Server User - All Allow (less Full control) Local Users - Read & Execute, List Folder Contents, and Read Allow We have run into some interesting issues that we would like some help on. 1) Some users are able to make web service calls without issue when enable anonymous access is turned off, however when it is turned on those users recieve 403 Forbidden errors, and a Gemini Rest Exception "Method Requires Auth.."
2) Regardless of what is passed into the Constructor of the ServiceManager the WS will work for 2 of the computers.
Examples: |
||||
|
0
|
Are you using windows authentication in Gemini (web.config)? |
||||
|
0
|
Ok Anon access is turned off (was only turned on because that is how we got it to work with the older version) We are using Windows Auth on the Website, but still having the same issues, detailed in the examples with number 2. Is it expected that all but the Username that is passed into the constructor of the Service manager is apparently ignored? |
||||
|
0
|
In windows authentication mode yes, it will always use the windows identity to authenticate and permissions. |
||||
|
0
|
By disabling Anon access as you suggested and setting the Boolean UseWindowsAuth = true, the issue is resolved. Thanks for your help! |
||||
|