Impersonation using WindowsIdentity( upn ) ctor

From: Alberto Ortega (beto_at_NOSPAMTOMEsouthworks.net)
Date: 02/22/05 

Date: Tue, 22 Feb 2005 14:46:46 -0300

I'm trying to impersonate a user using the WindowsIdentity ctor. This is
what I'm doing

WindowsIdentity id = new WindowsIdentity( "test@dev1.domain-dev.net" );
WindowsImpersonationContext wic = id.Impersonate();
try
   {
    DoSome();
 }
 finally
 {
   wic.Undo();
 }

I'm getting this exception

Access is denied.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.ApplicationException: Access is denied.

[ApplicationException: Access is denied.
]
   System.Security.Principal.WindowsIdentity._ResolveIdentity(IntPtr
userToken) +0
   System.Security.Principal.WindowsIdentity.get_Name() +70
   ImpersonationTest.WebForm1.DoSome() in
c:\inetpub\wwwroot\impersonationtest\webform1.aspx.cs:71
   ImpersonationTest.WebForm1.ImpersonateWinId() in
c:\inetpub\wwwroot\impersonationtest\webform1.aspx.cs:41
   ImpersonationTest.WebForm1.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\impersonationtest\webform1.aspx.cs:29
   System.Web.UI.Control.OnLoad(EventArgs e) +67
   System.Web.UI.Control.LoadRecursive() +35
   System.Web.UI.Page.ProcessRequestMain() +750

The configuration is:

* IIS: Anonynous checkbox ON and Integrated Security checkbox ON

* Web.config: <identity impersonate="true"> and <authentication
mode="Forms"> (auth mode forms is a requisite non negotiable on my app)

* The app pool for the virtual dir is configured with Network Service

Running on Win2K3 Domain Controller

Any idea of what I should do to make the impersonation work?

Thanks,
Beto

Relevant Pages

  • Impersonation using WindowsIdentity( upn ) ctor
    ... I'm trying to impersonate a user using the WindowsIdentity ctor. ... An unhandled exception occurred during the execution of the ... * The app pool for the virtual dir is configured with Network Service ...
    (microsoft.public.dotnet.security)
  • Re: Sql Reporting Serviced - > ASP.NET ACCESS DENIED!
    ... The account you are logging in to when on the server doesn't have the ... do you have <Impersonate> set to True? ... > Exception Details: System.UnauthorizedAccessException: Access to the path ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Failed to start monitoring file changes when impersonation="true".
    ... With impersonate = true, the thread takes the identity of either: ... An unhandled exception occurred during the execution of the ... Failed to start monitoring file ... I also tried to give full access control to my ...
    (microsoft.public.dotnet.framework.aspnet)
  • Accessing SPRole class returns an access denied exception
    ... "access denied" exception, altough the current user is impersonated as ... All other operations where you have to impersonate as ... administrator works without problems, ... UInt32& pdwColCount, UInt32& pdwRowCount, Object& pvarDataSet) ...
    (microsoft.public.sharepoint.portalserver.development)