Impersonation not working with WebClient...
From: DanB (daniel_t_bolger_at_hotmail.com)
Date: 05/06/03
- Next message: Matjaz Ladava: "Re: Forms authentication in a subdirectory only"
- Previous message: Mike Moore [MSFT]: "RE: Cookie Problems - Reposting with subscription email address for msft"
- Next in thread: Yury Zenkevich: "Re: Impersonation not working with WebClient..."
- Reply: Yury Zenkevich: "Re: Impersonation not working with WebClient..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 6 May 2003 00:28:40 -0700
I have an ASP page on SERVERA which calls a third party COM Component
to execute a search. The third party COM Component uses the user
credentials of the thread it is executing in to connect to the
database and execute the search. I have set up my IIS application on
SERVERA for Windows Authentication and ensured "Allow Anonymous
Authentication" is deselected in "Directory Security". I then tested
by invoking the search from Internet Explorer on my workstation (let's
call it MYWORKSTATION) as follows: http://SERVERA/MyApp/MySearch.asp -
The impersontation works correctly.
I am then creating a ASP.NET Web Application that executes searches
across multiple search apps and aggregates the results. I have some
code similar to the following, and have turned on Impersonation in
web.config:
System.Net.WebClient client = new WebClient();
client.Credentials = CredentialCache.DefaultCredentials;
byte []pageData = client.DownloadData("http://SERVERA/MpApp/MySearch.asp);
...
When I run this ASP.NET Web Application from my machine, the search
works. However, when I deployed this to a test server and ran it from
there, it did not work. I keep getting a HTTP 401 on the DownloadData
line...
I initially thought it might have something to do with the TEST server
setup. I checked to ensure Anonymous was turned off on the Virtual
Directory for MyApp and it was. Windows Authentication was turned on
for MyApp too.
Then I thought maybe the impersonation wasn't working, so I used the
following line of code to see:
System.Security.Principal.WindowsIdentity.GetCurrent().Name
sure enough, this returns my login name, so this proves Impersonation
is working.
I got someone else in my company to try the same steps. They first
entered http://SERVERA/MyApp/MySearch.asp into the web browser on
their machine. This worked for them, proving they had the appropriate
permissions to access the search database. They then tried to the
search aggregator from my machine (which worked for me also) using
http://MYWORKSTATION/SearchAggregator/Default.aspx which didn't work
for them. Running it from the test server didnt work for them either.
I've also tried forcing impersonation for the code above by preceding
it with:
System.Security.Principal.WindowsImpersonationContext
impersonationContext;
impersonationContext =
((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
... this doesn't work either :(
I'm really quite perplexed! Any help would be greatly appreciated.
Cheers,
Dan.
- Next message: Matjaz Ladava: "Re: Forms authentication in a subdirectory only"
- Previous message: Mike Moore [MSFT]: "RE: Cookie Problems - Reposting with subscription email address for msft"
- Next in thread: Yury Zenkevich: "Re: Impersonation not working with WebClient..."
- Reply: Yury Zenkevich: "Re: Impersonation not working with WebClient..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
