Re: Having an ASP.Net server write a flie to another server

From: Paul Glavich [MVP - ASP.NET] (glav_at_aspalliance.com-NOSPAM)
Date: 05/05/04

• Next message: Nick Wright: "Windows Authentication"
• Previous message: Ken Schaefer: "Re: ASPNET account and Domain Controller"
• In reply to: Jake: "Having an ASP.Net server write a flie to another server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 5 May 2004 23:06:02 +1000

You could use the DPAPI to store a specific users credentials on the machine
somewhere (config file, registry etc.) in encrypted format, and when you
want to write the file, simply impersonate that user in code, write the
file, then undo the impersonation. The link below has a sample of how to
impersonate a user, then undo that impersonation.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/
frlrfSystemSecurityPrincipalWindowsImpersonationContextClassTopic.asp

Also, below is a link to a DPAPI library I have written that contains full
source code and is ready to use from .Net. (ie. all the calls to unmanaged
code are already done for you)

http://authors.aspalliance.com/glav/downloads/dpapi_wrapper.zip

--
- Paul Glavich
Microsoft MVP - ASP.NET
"Jake" <anonymous@discussions.microsoft.com> wrote in message
news:6B8734A0-1197-4CC2-B461-A19657E81363@microsoft.com...
> Hi all,
>
> I am trying to have my ASP.Net server write a file onto another server.  I
continue to have security issues when attempting to do this.  Ideally what I
would like to achieve is to have the specific code within the function run
under a specific account that has access to the other server.  Or will I
have to allocate the permissions to the actual ASP.Net process, which i can
see will have other security implications.  Any ideas?
>
> Thanks in advance.
>
> Cheers Jake

---

• Next message: Nick Wright: "Windows Authentication"
• Previous message: Ken Schaefer: "Re: ASPNET account and Domain Controller"
• In reply to: Jake: "Having an ASP.Net server write a flie to another server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Under which credentials COM makes calls from another process? ... There are two ways our server application (server here is not ... authenticate via SSPI. ... which is used later to impersonate thread on the server ... can get some properties of these objects: client IP address and port, ... (microsoft.public.win2000.developer) Re: Under which credentials COM makes calls from another process? ... There are two ways our server application (server here is not ... authenticate via SSPI. ... which is used later to impersonate thread on the server ... can get some properties of these objects: client IP address and port, ... (microsoft.public.platformsdk.security) Re: Sql Reporting Serviced - > ASP.NET ACCESS DENIED! ... The account you are logging in to when on the server doesn't have the ... do you have <Impersonate> set to True? ... > Exception Details: System.UnauthorizedAccessException: Access to the path ... (microsoft.public.dotnet.framework.aspnet.security) Re: IsInRole always return fasle on secure remoting call (Framework 2.0) ... I doing remoting calls over a TCP channel set to "SECURE", ... means that on the server side the ... information about the client, and it cannot impersonate the client. ... (microsoft.public.dotnet.distributed_apps) Re: AppPool + secureConversation ... connection the web server and SQL server) as well as ideally using a custom ... additional calls to DPAPI or LogonUser. ... tried create a separate exe program that calling logon user API and run ... (microsoft.public.dotnet.framework.webservices.enhancements)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2004-05