To determine what resources are accessible to IIS and ASP every
session runs in a security context. This context is a particular
user impersonated by IIS (typically IUSR_machinename). The User
property allows you to determine what user is currently being
For further details of Windows security see Microsoft's
"Windows NT Security". If you want to run IIS in an isolated
process see "Server
Reliability Through Process Isolation". Please note that
security works differently when running in an isolated process.
This is fully covered in the above articles.