RE: Troubles with Security Model - Advice Needed Please
From: Michał Januszczyk (anonymous_at_discussions.microsoft.com)
Date: 03/19/04
- Next message: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Previous message: Justin: "Prompt to renew forms auth ticket before expiration"
- In reply to: Joe: "Troubles with Security Model - Advice Needed Please"
- Next in thread: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Reply: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 18 Mar 2004 16:11:09 -0800
----- Joe wrote: -----
> I'm having trouble with my security model, and I was hoping I could find some help.
Actually all You do seems to be right.
Try the following code, and make sure that the "Current Win32 Thread UserContext" label displays name of account to be impersonated. This is the account that will be used to talk with OS resources in the local machine. Currently your application does not impersonate users (ASPNET account is used).
//=========================
web config:
<authentication mode="Windows" /><identity impersonate="false"></identity>
Webform1.aspx:
<form id="Form1" method="post" runat="server"><asp:Label id="Label1" style="Z-INDEX: 101; LEFT: 24px; POSITION: absolute; TOP: 114px" runat="server">Current Win32 Thread UserContext</asp:Label><asp:Label id="Label2" style="Z-INDEX: 102; LEFT: 24px; POSITION: absolute; TOP: 148px" runat="server">HttpContect.CurrentUser</asp:Label><asp:Label id="Label3" style="Z-INDEX: 103; LEFT: 24px; POSITION: absolute; TOP: 180px" runat="server">Current Principal (.Net Thread User Context)</asp:Label><asp:Label id="Label4" style="Z-INDEX: 104; LEFT: 362px; POSITION: absolute; TOP: 115px" runat="server">Label</asp:Label><asp:Label id="Label5" style="Z-INDEX: 105; LEFT: 362px; POSITION: absolute; TOP: 147px" runat="server">Label</asp:Label><asp:Label id="Label6" style="Z-INDEX: 106; LEFT: 363px; POSITION: absolute; TOP: 179px" runat="server">Label</asp:Label></form>
Webform1.aspx.cs
//put this into page load event handler
Label4.Text = WindowsIdentity.GetCurrent().Name;
Label5.Text = User.Identity.Name;
Label6.Text = System.Threading.Thread.CurrentPrincipal.Identity.Name;
//=========================
If You successfully acomplish impersonation, however keep in mind that this may be performance hit.
With impersonation enabled, connection pooling does not work as intended and with high amount of users
accessing the application this may be a performance problem.
Michal Januszczyk
- Next message: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Previous message: Justin: "Prompt to renew forms auth ticket before expiration"
- In reply to: Joe: "Troubles with Security Model - Advice Needed Please"
- Next in thread: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Reply: Michał Januszczyk: "RE: Troubles with Security Model - Advice Needed Please"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
