Re: Application Flow / security issues
- From: "Justin Rich" <jrich523@xxxxxxxxxxxxxx>
- Date: Tue, 2 Oct 2007 09:32:08 -0400
I had already set the web config which is why i was able to get the user
info but it seems that when i go to access the file it refuses to use that
account. even when i tried your code it still didnt work.
the link made mention of delegation.. how do i know when thats needed? im
pretty confused. it says "Delegation is a more powerful form of
impersonation and makes it possible for the server process to access remote
resources while acting as the client."
isnt it always the server process? Anything i toss in the cs file i assume
is executed as the server process which in turn is actually the application
pool.
I have already looked in to the delegation and because of how the network is
run i will be unable to do that.
I enabled all of the auditing to see if i can catch the failed attempt and
there are no entries (i did however find some other guy trying to get on my
box)..
Im going to attempt to deploy this on an XP or 2k box rather than a 2k3
because i assume the root of this problem is the application pool.
if anyone can provide some insight as to whats going on here i would greatly
appreciate it.
Thanks
Justin
"Alexey Smirnov" <alexey.smirnov@xxxxxxxxx> wrote in message
news:1191276328.022414.150600@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
On Oct 1, 11:10 pm, Jesse Houwing <jesse.houw...@xxxxxxxxxxxxxxxx>
wrote:
Hello Justin,
im having some issues with application security and i was wondering if
anyone could point me in the direction of some good resources that
would explain the different levels of security.
the problem im currently having is im trying to make a web app that
will pull a file from the client (clients are on the lan and part of
the domain) and its giving me a denied access..
I have set IIS to not allow anon access (verified with
System.Security.Principal.WindowsIdentity.GetCurrent().Name) which
shows the username correctly.
I assume that whats happening now is its using the application pool
identity (set to Network Service by default) to go back to the client
instead of the logged in user creds. I tried messing with the identity
of the application pool with no luck
FileInfo fi1 = new FileInfo(path) <-- problem line
path resolves to something like \\ip\c$\folder\file.txt
I expect the users of my app to be local admins on the machine.
ASP.NET 2.0
You can set impersonation in the web.config. That should fix your
problem.
http://msdn2.microsoft.com/en-us/library/aa292118(VS.71).aspx
--
Jesse Houwing
jesse.houwing at sogeti.nl- Hide quoted text -
- Show quoted text -
or try
System.Security.Principal.WindowsImpersonationContext
impersonationContext;
impersonationContext =
((System.Security.Principal.WindowsIdentity)HttpContext.Current.User.Identity).Impersonate();
FileInfo fi1 = new FileInfo(path)
...
impersonationContext.Undo();
.
- Follow-Ups:
- Re: Application Flow / security issues
- From: Joe Kaplan
- Re: Application Flow / security issues
- References:
- Application Flow / security issues
- From: Justin Rich
- Re: Application Flow / security issues
- From: Jesse Houwing
- Re: Application Flow / security issues
- From: Alexey Smirnov
- Application Flow / security issues
- Prev by Date: Re: Application Flow / security issues
- Next by Date: Re: Application Flow / security issues
- Previous by thread: Re: Application Flow / security issues
- Next by thread: Re: Application Flow / security issues
- Index(es):
Relevant Pages
|
|
