Re: Yet another permissions thing

From: Trevor Lawrence (TrevorL@ise.canberra.edu.au)
Date: 11/06/02 

From: "Trevor Lawrence" <TrevorL@ise.canberra.edu.au>
Date: Thu, 7 Nov 2002 08:12:13 +1100

Thanks. Sounds a likely explanation, since the COM DLL was originally built
in VB6. I can replace the COM object and rewrite the stuff directly as a
VB.NET class (with some difficulty), but it will end up making direct Win32
calls. How is a P/Invoke call to a Win32 API affected by threading issues?

The alternative is to use .NET WMI mechanisms to achieve the same result.
Still plenty of work, but still....

Trevor

"Willy Denoyette [MVP]" <willy.denoyette@pandora.be> wrote in message
news:eBKt3HZhCHA.3708@tkmsftngp08...
> You are mixing two technologies here - .NET and COM, however, this has
some security implications.
> Your COM component is probably a Single Threaded type, when created from a
Multithreaded environment like ASP.NET, your component
> will be created on a COM managed STA thread, the result is that the
component runs in the process security context (aspnet?) not the
> impersonating threads context.
>
> What you could do is create a new (STA) thread and transfer the
impersonation token to the newly created thread before creating the
> COM object.
>
> Willy.
>
> "Trevor Lawrence" <TrevorL@ise.canberra.edu.au> wrote in message
news:udemrMHhCHA.1652@tkmsftngp09...
> > I have an ASP.NET app that is required, amongst other things, to create
a
> > folder on another server (i.e. via a UNC path), and then set permissions
on
> > that folder.
> >
> > I have the ASP.NET app impersonating an account with permissions to
create
> > the folder and Directory.CreateDirectory works fine. To set the
security I
> > have a small COM DLL that I have used for a few years successfully for
this
> > sort of purpose in other software. However when I call the AddACE
method in
> > this DLL from the aspx page I get an Access Denied error. I can't see
why.
> > It is as if the impersonation that should be applying to the whole aspx
page
> > execution is not applying when I call a method in a COM DLL. That seems
> > odd. There is no COM+ configuration set up for this COM object. The
AddACE
> > method is being called immediately after the successful create directory
> > function.
> >
> > And yes the inherited permissions on the newly created folder DO allow
the
> > user in question to set permissions on the folder.
> >
> > Any clues?
> >
> > Trevor Lawrence
> > University of Canberra
> >
> >
>
>

Relevant Pages

  • Re: Yet another permissions thing
    ... You are mixing two technologies here - .NET and COM, however, this has some security implications. ... > folder on another server, ... > I have the ASP.NET app impersonating an account with permissions to create ... > user in question to set permissions on the folder. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Yet another permissions thing
    ... folder on another server, ... I have the ASP.NET app impersonating an account with permissions to create ... this DLL from the aspx page I get an Access Denied error. ... user in question to set permissions on the folder. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Out of Memory when editing graphic...
    ... Just add a reference to the DLL in the .NET folder. ... Find great Windows Forms articles in Windows Forms Tips and Tricks ... When I try to add the barcode to ...
    (microsoft.public.dotnet.framework.drawing)
  • Re: Service pack 3 problem
    ... Opening the regsvr32 file is as you say, no dll specified, followed by the ... and no dllcache folder exists, ... After show hidden files, folders, and system files, use WINDOWS Explorer ...
    (microsoft.public.windowsxp.general)
  • Re: Linking Application with the Library file
    ... I have never worked with LOADLIBRARY and GETPROCADDRESS. ... The DLL will go in the TARGET folder of your BSP and also in the ... <apellerin AT adeneo DOT adetelgroup DOT ...
    (microsoft.public.windowsce.embedded)
Quantcast