views:

114

answers:

0

I'am a bit confused about the use of Isolated Storage on a IIS server.

I understand the goal of Isolated Storage : provides a safe place to store data with no worry about how and where is this place.

Since Isolated Storage have a by-user and by-assembly approach, I'am not to wild about using it on a IIS server where applications have almost their own identity. I haven't really seen the interest of impersonating a web application and almost never seen impersonated web applications myself but this is my point of view.

Using Isolated Storage on a server mean (for Windows Server 2003) :

  • Using Isolated stores in \Documents and Settings\<user>\

  • Which mean \Documents and Settings\Default User\ when the application pool is owned by Local System or Network Services I guess

  • Which also mean Write rights on this folder for Local System or Network Services

  • Using of impersonation

Regarding a web application (logic), these ideas are confusing me... Document and Settings ? Default User ? Enable impersonation just for storage ? No control about storage on server ? Uh ?

Some points on the MSDN :

  • Server storage. Server applications can use isolated storage to provide individual stores [...]. Because isolated storage is always segregated by user, the server must impersonate the user making the request. [...]

  • Using isolated storage enables partially trusted applications to store data in a manner that is controlled by the computer's security policy.

  • by default, code running from the local computer, a local network, [...] is granted the right to use isolated storage. Should I understand Network Services ? I would be surprised. That's not the case on my IIS servers (Windows 2003).

And then I'am a front of a dilema : use System.IO.Packaging (with Isolated Storage inside) on web applications or find an alternative ? Using IO.Packaging mean you must enable isolated storage ?

Am I wrong in my approach ? Did I miss something ?

I precise I don't especially want to use/enable it on a IIS server, I would like to understand if enabling it on a such environment is a good practice.

Any point of view is appreciated and an explanation about an "Isolated Storage with IIS philosophy" could be an anwser.

Thanks !