Re: Impersonate and shared hosting
From: vinay balasubramaniam (vinay_balasubramaniam@satyam.com)
Date: 09/13/02
- Next message: Som: "Re: SQL server acess from ASP.NET"
- Previous message: vinay balasubramaniam: "Re: Security Problem"
- In reply to: Ion: "Re: Impersonate and shared hosting"
- Next in thread: Matthew Barwick: "Re: Impersonate and shared hosting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "vinay balasubramaniam" <vinay_balasubramaniam@satyam.com> Date: Fri, 13 Sep 2002 11:33:28 +0530
What you have tried is application level impersonation
When the impersonation apples to all the imcoming request
In case you want to impersonate per request ..
then use WindowsPrincipal.Impersonate method in ur code
This method will impersonate a specific user specified
and generate the impersonatin token .. once the request is
over the impersonation token is destroyed..
Do i make sense here...
"Ion" <icx-spam@spam-noos.fr> wrote in message
news:3d668809$0$18327$79c14f64@nan-newsreader-02.noos.net...
> Hi Willy.
>
> Instead of "logon" I tested a simpler solution with a web.config
containing
> a "location" section with "identity impersonate, username, password etc."
> It worked fine as long as I had "system" account in machine.config.
>
> It is a pity (aka functionality miss) an application can not access a
folder
> although it has the right credentials, when a manual login can do it!
>
> Maybe .NET 1.i will get it.
>
> Thanks for confirming the deadlock.
>
> Best regards
>
> Ion Cartiant
> http://www.sysoft-sa.com/
>
>
>
>
>
> "Willy Denoyette [MVP]" <willy.denoyette@pandora.be> wrote in message
> news:#MLD9ArSCHA.2556@tkmsftngp11...
> > Sorry, but you said " impersonate logged users...." not another user.
> > That means you have to call "LogonUser", and that's something wich
> requires the process to run in the TCB on Windows 2000.
> > It's quite normal that the ISP is not allowing this.
> >
> > Willy.
> >
> > "Ion" <icx-spam@spam-noos.fr> wrote in message
> news:3d6626ff$0$8620$79c14f64@nan-newsreader-01.noos.net...
> > > Willy,
> > >
> > > Your suggestion means to give the unique pass (folder access) to
> visitors.
> > > They can pick any file afterwards from the folder.
> > >
> > > Maybe I was not clear enough. I would like to impersonate
(temporarily)
> > > *another* security account that gives acces to a protected folder.
> People
> > > register, using <forms> authentification. This does not give access to
> > > protected folder. The access should be made be made by program only,
so
> it
> > > seems I have to change the security level etc..
> > >
> > > Do I miss something ?
> > >
> > > Best,
> > >
> > > Ion Cartiant
> > > http://www.sysoft-sa.com/
> > >
> > >
> > >
> > > "Willy Denoyette [MVP]" <willy.denoyette@pandora.be> wrote in message
> > > news:u32OptoSCHA.1632@tkmsftngp11...
> > > > You don't need aspnet_wp.exe to run in the system logon session in
> order
> > > to impersonate a client.
> > > > You only have to set identity impersonate=true and use basic
> > > authentication.
> > > >
> > > > Willy.
> > > >
> > >
> > >
> > >
> >
> >
>
>
>
>
>
>
- Next message: Som: "Re: SQL server acess from ASP.NET"
- Previous message: vinay balasubramaniam: "Re: Security Problem"
- In reply to: Ion: "Re: Impersonate and shared hosting"
- Next in thread: Matthew Barwick: "Re: Impersonate and shared hosting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
