Re: ASP.NET and directory security

---

• From: "quintesv via DotNetMonster.com" <u26933@uwe>
• Date: Wed, 27 Sep 2006 06:36:45 GMT

---

Hi Todd,

In response to your questions:

1. I have created a shared directory on my development machine, which is also
the machine hosting the asp.net application. ASPNET has access to that
directory and it works fine if i open the web app via http:
//localhost/webapp/page.aspx.

2. I am experiencing problems accessing the share created on my development
machine if I connect to the asp.net project -on my development machine- from
another PC. Say forexample I am connecting to my machine from a colleagues pc
using the url http://quintesv//webapp.page.aspx. Quintesv would have been
localhost in (1) above.

3.I am using a UNC to access the files. I am looking at impersonation, but
havent been successful yet.

I've seen examples using impersonation using logonuser, but i want to be able
to use the current users logon information. All users will be accessing this
page from an intranet - for now - so using the domain\username should be ok.
Or am i wrong?

I've tried

bool returnValue = LogonUser(@"domain\user", "<PC to access>",
"<Password>",
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);

but it says invalid user name or password.

Thats where I am right now..


Todd Casey wrote:

Q,

I want to clarify your situation.

1. You have setup the DBF files on machine creating a shared directory and
giving the MACHINE\ASPNET user access to that directory?

2. You are experiencing errors while trying to access that share from an
ASP.NET application hosted on a different machine?

3. Are you using a mapped drive (i.e. G:\someshare) or a UNC share (i.e.
\\servername\shomeshare) to access the DBF files?

One possible solution would be to use a UNC share and take advantage of
impersonation (make sure the username and password are the same on machine A
and B).

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vsent7/html/vxconImpersonation.asp

Your answers to the questions should help shed more light on your situation.

Thanks,

Todd Casey

Hi all,

[quoted text clipped - 35 lines]

Thanks in advance
Q

--
Message posted via DotNetMonster.com
http://www.dotnetmonster.com/Uwe/Forums.aspx/asp-net-security/200609/1

.

---

• References:
  • ASP.NET and directory security
    • From: quintesv via DotNetMonster.com
  • Re: ASP.NET and directory security
    • From: Todd Casey

• Prev by Date: Re: Supporting multiple custom RoleProvider versions
• Next by Date: haiii..help me for the page expire
• Previous by thread: Re: ASP.NET and directory security
• Next by thread: haiii..help me for the page expire
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2006-09