Advertisement
Monday, September 06, 2010
HOME
ABOUT US
OUR SERVICES
OUR CLIENTS
CONSULTING
BOOKS
DEVELOPMENT TOOLS
CONTACT US

.net Tips and Tricks

New .net Books!
 
LATEST NEWS
04.11.2005
BlueVision becomes a Microsoft Certified Partner!
03.30.2005
03.01.2005
Two development books get an update for Visual Studio .NET 2003
01.05.2005
BlueVision launches the Community Technology Preview release of CopAlert™, www.copalert.com
12.20.2002
BlueVision in MSDN Magazine
Tips and Tricks

How to Debug your ASP.NET applications

Background

Remote debugging of a process is a privilege, and like all privileges, it must be granted to a user or group of users before its operation is allowed. The Microsoft .NET Framework and Microsoft Visual Studio .NET provide two mechanisms to enable remote debugging support: The Debugger Users group and the "Debug programs" user right.


Debugger Users Group

When you debug a remote .NET Framework-based application, the Debugger on your computer must communicate with the remote computer using DCOM. The remote server must grant the Debugger access, and it does this by granting access to all members of the Debugger Users group. Therefore, you must ensure that you are a member of the Debugger Users group on that computer. This is a local security group, meaning that it is visible to only the computer where it exists.

To add yourself or a group to the Debugger Users group, follow these steps:

  1. Right-click the My Computer icon on the Desktop and choose Manage from the context menu.
  2. Browse to the Groups node, which is found under the Local Users and Groups node of System Tools.
  3. In the right pane, double-click the Debugger Users group.
  4. Add your user account or a group account of which you are a member.

 

Debug Programs User Right

To debug programs that run under an account that is different from your account, you must be granted the "Debug programs" user right on the computer where the program runs. By default, only the Administrators group is granted this user right. You can check this by opening Local Security Policy on the computer. To do so, follow these steps:

  1. Click Start, Administrative Tools, and then Local Security Policy.
  2. Browse to the User Rights Assignment node under the Local Policies node.
  3. In the right pane, double-click the "Debug programs" user right.
  4. Add your user account or a group account of which you are a member.

 

Security Alert:

Please be aware that any account that is granted this right will be able to debug processes that run under another user's account. This could potentially allow a hacker to debug a program that you are running.

 

How ASP.NET Fits In

At many times, you might need to debug ASP.NET Web applications running on a Web server from your computer. This is a remote debugging scenario, so you must be a member of the Debugger Users group on the Web server to accomplish this.

ASP.NET Web applications run inside the ASP.NET Worker Process (aspnet_wp.exe). By default, this process runs as the Network Service account under Microsoft Windows Server 2003 and the ASPNET account under Microsoft Windows XP. You can determine the account under which this process runs by locating the <processModel> element in the machine.config file on the Web server. You can learn more about this element here.

When impersonation is disabled, each thread spawned by the ASP.NET Worker Process also runs under the same account. (Impersonation is the process of allowing a thread to run under a different account from its process.) This means that each Web application also runs under the same account. When you debug Web applications, you actually attach the Debugger to the ASP.NET Worker Process. Unless you are granted the "Debug programs" user right on the remote Web server, you will not be able to debug this process on the server.


Back to Tips and Tricks

Terms Of Use © 2000 - 2010 BLUEVISION LLC. ALL RIGHTS RESERVED. Privacy Policy