.netiisisolatedstoragesystem.io.packaging

Using IsolatedStorage on a IIS server


I'am a bit confused about the use of Isolated Storage on a IIS server.

I understand the goal of Isolated Storage : provides a safe place to store data with no worry about how and where is this place.

Since Isolated Storage have a by-user and by-assembly approach, I'am not too wild about using it on a IIS server where applications have almost their own identity. I haven't really seen the interest of impersonating a web application and almost never seen impersonated web applications myself but this is my point of view.

Using Isolated Storage on a server mean (for Windows Server 2003) :

Regarding a web application (logic), these ideas are confusing me... Document and Settings ? Default User ? Enable impersonation just for storage ? No control about storage on server ? Uh ?

Some points on the MSDN :

And then I'am a front of a dilema : use System.IO.Packaging (with Isolated Storage inside) on web applications or find an alternative ? Using IO.Packaging mean you must enable isolated storage ?

Am I wrong in my approach ? Did I miss something ?

I precise I don't especially want to use/enable it on a IIS server, I would like to understand if enabling it on a such environment is a good practice.

Any point of view is appreciated and an explanation about an "Isolated Storage with IIS philosophy" could be an anwser.

Thanks !


Solution

  • If you would need to use server side isolated storage for some reason, then you must impersonate the user and for that you would need to use windows integrated authentication so you get the http context's user principal populated with the requesting user. The request thread would switch the identity to the requester user and I would assume ( haven't tested) that you would see the isolated storage under that account.

    I am still not sure when would I use isolated storage on server side for an IIS app which normally in enterprise environment runs on a web farm. It would be against best practices to store anything locally per user. If that server goes down, then you've lost that data.