Re: ASP.NET Forms Authentication & LogonUser API

From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 3 May 2006 18:15:16 -0500

Did you impersonate the token you received as a result of the call to
LogonUser? It gives you a token, but it doesn't automatically make the
current thread's security context execute as the returned token.

Joe K.

"C" <C@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7A6303E7-450B-43AF-95D2-18BE2984A047@xxxxxxxxxxxxxxxx

Hi,

I am using both of above in my ASP.Net app.

To use the LogonUser API i have to add the ASPNET account to the Local
Security Policy - "Act as part of teh operating System" (see below article
for reason why)

http://aspalliance.com/39

In my Web App when I try to get the current logged on user using

System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString()

This returns MyDomain/ASPNET every time.

Why?

How can I get the NT UserName of the user accessing my app?

Thanks.

Prev by Date: Re: Migrating code from .NET 1.1 to Partial Trust server
Next by Date: Re: Launching IE Window From Partially Trusted Code
Previous by thread: Windows Identity within Forms Authentication in ASP.NET
Next by thread: Re: Securing DropDown in ASP.Net
Index(es):
- Date
- Thread

Relevant Pages

Re: opening files on file shares with different username/passwords
... you can impersonate that user and try and open the file. ... LogonUser(), ImpersonateLoggedOnUser. ... > users using the app access to the share just my app. ...
(microsoft.public.win32.programmer.networks)
Re: LogonUser from ASP.NET
... privileges), this attempt to elevate privileges will fail. ... > the impersonization since i call impersonate in the COM+ component. ... > obtained from the LogonUser and then calling Impersonate from ASP.NET ... What should I change in the config file to allow ASP.NET app ...
(microsoft.public.dotnet.framework.aspnet.security)
q: asp.net: changing logon time to get LOGON32_LOGON_NETWORK_CLEARTEXT ?
... mode="Windows", so the app will impersonate under the user, which access ... app identity was logged on w/out the NETWORK_CLEARTEXT flag ... can I change that flag somehow for current application ... I can not do the LogonUser, because my server-side code do not ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: LogonUser from ASP.NET
... COM+ to call LogonUser to get the token handle. ... The exception that I get while trying to call Impersonate from the ASP.NET ... app is the SecurityException. ... > SecurityException or some other type of exception? ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Cross domain exchange server access, popup boxes....
... LogonUser/ImpersonateLoggedOnUser or run your app as an admin to be able to ... > exchange server and access the data. ... > windows service so a popup box won't fly at all. ... > LogonUser system call to impersonate the user that can access the ...
(microsoft.public.win32.programmer.messaging)