LogonUser from ASP.NET
From: laimis (simulai_at_NOSPAMiit.edu)
Date: 01/25/05
- Previous message: tparks69: "forms based authentication in mixed asp / asp.net environment"
- Next in thread: Paul Clement: "Re: LogonUser from ASP.NET"
- Reply: Paul Clement: "Re: LogonUser from ASP.NET"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Jan 2005 10:37:39 -0600
Hello everybody,
this is rather complicated, but intriguing problem that I have been having.
What I want to do is: after user connects to my asp.net application, I want
to elevate the thread's user from ASPNET to let's say administrator so that
priviledged operation could be performed. I don't want to change account
under which ASP.NET runs. My idea is to impersonate in COM+ app that runs
under priviledged account.
Currently here is how I have it implemented.
1. HttpModule intercepts the request for the application.
2. Module calls COM+ app that runs with priviledged account
3. COM+ app calls LogonUser to obtain security handle which later is used in
creating windows identity and impersonaiting the identity, thus receiving
context.
4. Context is returned to the module
5. Module uses it to assign to the current context of the executing thread
All of the steps work just fine. I call LogonUser, I can see in the security
log the succesful audit event. However, the context assigned doesn't make a
difference to the running thread and the thread's user still returns ASPNET.
Does anyone see a problem with my method?
Thanks!
Laimis
- Previous message: tparks69: "forms based authentication in mixed asp / asp.net environment"
- Next in thread: Paul Clement: "Re: LogonUser from ASP.NET"
- Reply: Paul Clement: "Re: LogonUser from ASP.NET"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
