I'm porting our application to IIS 7. The application is very big and uses a mixture of Classic ASP and ASP.Net pages. So far there haven't any problems, but now I've encountered one thing that is a bit irritating.
I really like the possibility to use the application pool account as the anonymous account. That way you get a much more manageable situation when it comes to security. The problem is that when I enabled this for my application I encountered an error when Session_End fires;
"Failed to retrieve the Anonymous User Token for ASP Application /LM/W3SVC/1/ROOT/XXXXXXX. Global.ASA OnEnd routines will not be executed.". It occurs when we try to create a com-object by "Server.CreateObject".
I can understand that there is a special situation since this isn't a user-initiated event, rather a trigger that fires on the server. But it works without problems in the older IIS-versions and it works in IIS 7 if I use the IUSR acount as anonymous user. I should add that I have the problem regardless if I use a "classic" or "pipelined" app pool.
Does anyone know of a fix/workaround for this? I'd really like to run it all as the app pool account.