ASPNET App and Launching a Batch File...

From: Rob Jones (robjones_at_lightspeedsystems.com)
Date: 02/29/04


Date: Sun, 29 Feb 2004 02:46:01 GMT

Scenario:

ASP.NET application (C#) running on a Win2K and/or WinXP platform.
.NET Framework 1.1
Impersonation (via web.config and IIS) enabled.

The aspx code needs to run a batch file on the same machine it is
running on. The batch file will perform some tasks (access SQL via
bcp and some OSQL calls) but does not require a UI.

Problem:

The batch file will not run. I'm using the following code to try to
pull this off:

=============================================================
m_strStatusFileName =
Server.UrlDecode(HttpContext.Current.Request.Params["StatusFilename"]);

m_strWorkingDirectory =
Server.UrlDecode(HttpContext.Current.Request.Params["WorkingDirectory"]);

m_strProgramDirectory =
Server.UrlDecode(HttpContext.Current.Request.Params["ProgramDirectory"]);

string strCommand = Path.Combine( m_strProgramDirectory,
"BCPExport.cmd" );

ProcessStartInfo pInfo = new ProcessStartInfo();
pInfo.FileName = strCommand;
pInfo.Arguments = "ALL " + "\x22" + m_strWorkingDirectory + "\x22";

pInfo.WorkingDirectory = m_strProgramDirectory;
pInfo.UseShellExecute = true;
Process myProcess = Process.Start(pInfo);
int iProcessId = myProcess.Id;
myProcess.WaitForExit();
===================================================================

Nothing happens. I've tried several variations of the code (running
cmd.exe and passing the batch filename as args) but that doesn't work
either. Finally, I tried simply running cmd.exe with no args - it
runs, but TaskManager tells me that the ASPNET account owns the
process. That's not what I want. I was under the impression that new
processes would inherit the identity of the authenticated user and NOT
the ASPNET account. Is that not true? If so, then must I revert to
some of the 'force impersonation' code I've seen in the Google
archives about ASPNET and impersonation?

Oh, and I might add that this code worked just fine in an earlier
version of the software that was NOT using impersonation, but rather
anonymous access!

Anyone have any thoughts???

Thanks in advance.

Rob Jones