Re: Access Network Shares from asp.net
From: Steve Caliendo (scaliendo_at_epion.com)
Date: 03/23/04
- Next message: Chris Mohan: "Tradeoffs? requestEncoding & "Canonicalization""
- Previous message: Fresh Air Rider: "How can I keep a FormsAuthenticationTicket updated ?"
- In reply to: Raterus: "Access Network Shares from asp.net"
- Next in thread: Oliver: "Re: Access Network Shares from asp.net"
- Reply: Oliver: "Re: Access Network Shares from asp.net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Mar 2004 14:23:25 -0500
I think you need to set up permsissions for the ASPNET user on the web
server. I don't know if this is acceptable in your application, but:
If you - when sitting at the web server PC - can access, say "Z:\" drive by
browsing, then what you want can be done by setting the User Permissions for
the ASPNET user to be identical for the current user of the web server PC.
I've set my ASPNET user to be an administrator, and my connection problems
went away. I'm sure that this is some kind of 'no-no', but I don't care.
Steve
"Raterus" <raterus@localhost> wrote in message
news:OhoL6uOEEHA.1368@TK2MSFTNGP11.phx.gbl...
> I'm getting a little overwhelmed with security with a problem I'm having.
> Basically I have a network share on a separate server than my web server
> that I need to access from an aspx page. This is an intranet application,
> and every user will be using IE. I've disabled anonymous access on IIS,
and
> I'm using Integrated Windows Authentication. Web.config authentication is
> set to "Windows".
>
> Here is where I'm getting confused, mostly with impersonation, I think I
> understand what it is, but I'm not sure I need to use it <identity
> impersonate="true"> in web.config.
>
> Here is what I'm after, a user accesses this webpage, I determine the
folder
> they need to get at, and send a DirectoryInfo object out to get a listing
of
> files off this network share. The share itself has full access for
"domain
> admins" and each user folder inherits that permission, and I've manually
set
> full access permissions for each user based on the folder.
>
> That's where my problem is, I get a "System.UnauthorizedAccessException"
> error, and I can't seem to figure out why! It seems like it should work,
> especially with impersonate="true" set.
>
> I ran this code and here is what I got (impersonate="false"):
> Response.Write("HttpContext: " & HttpContext.Current.User.Identity.Name &
> "<BR>")
> Response.Write("WindowsIdentity: " &
> System.Security.Principal.WindowsIdentity.GetCurrent.Name & "<br>")
> Response.Write("Thread: " &
> System.Threading.Thread.CurrentPrincipal.Identity.Name & "<br>")
>
> HttpContext: MYDOMAIN\Michael
> WindowsIdentity: NT AUTHORITY\NETWORK SERVICE
> Thread: MYDOMAIN\Michael
>
> The MYDOMAIN\Michael is my username, and that is what I want to be used
when
> determining directory access. I've tried to toggle <identity
> impersonate="true"> but I still get the error. They only way I've gotten
it
> to work is to have "everyone" permissions set with full access, not the
> solution I want!
>
> Can anyone offer any help?
> --Michael
>
>
- Next message: Chris Mohan: "Tradeoffs? requestEncoding & "Canonicalization""
- Previous message: Fresh Air Rider: "How can I keep a FormsAuthenticationTicket updated ?"
- In reply to: Raterus: "Access Network Shares from asp.net"
- Next in thread: Oliver: "Re: Access Network Shares from asp.net"
- Reply: Oliver: "Re: Access Network Shares from asp.net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
