The most recent ASP.NET Support Voice is live. This month, Mike Clay from Product Support answers common security issues around ASP.NET accessing resources.

In short:

"It is very common for developers to remotely access file shares, Web services, databases, or other resources from ASP.NET applications. This is typically a file server or database server separate from the Web server where the application is running. However, for this to work as expected, there are some very important security considerations to know about with regard to ASP.NET process identity, authentication, and permissions. We’ll explore some of these key concepts and possible resolutions. Which option will work best for a particular scenario will depend on your application architecture and security requirements."