Re: WindowsIdentity - Invalid token; it cannot be duplicated

Hi,

well - frankly, i don't understand what you are doing...

and why do you have to pass tokens around??


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Hi Domnic,

Thanks for your response. Here the code from Login() webmethod and
the same token will be passed to another method which has the actual
problem.

WindowsIdentity wi = WindowsIdentity.GetCurrent();
IntPtr iToken = wi.Token;
string domainName="";
string userName="";
if (wi.Name != null)
{
string curUser = wi.Name;
if (curUser.Length>0)
{
int sepIndex = curUser.IndexOf(@"\");
if (sepIndex>-1)
{
domainName = curUser.Substring(0,sepIndex);
int len = curUser.Length-domainName.Length;
if (len>0)
{
userName = curUser.Substring(sepIndex+1,len-1);
}
}
else //just in case , no domain
userName=curUser;
}
}
Thanks,
Kamal.
"Dominick Baier" wrote:

Where do you get the token from?

-----
Dominick Baier (http://www.leastprivilege.com)
Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)

I am having invalid token, it cannot be duplicated error 70% of the
time on one machine. We are creating and validating the current
user. The following line of code raise exception.

System.Security.Principal.WindowsIdentity winIden=new
System.Security.Principal.WindowsIdentity(iToken);

Exception:
String Message = "LoginWI() Invalid token; it cannot be duplicated.
at
RtReports.Security.LocalAuthentication.CheckUserGroups(IntPtr
iToken,
StringCollection strGroupsCollection)
Any help is really appreciated.

Thanks,
Kamal


.

Relevant Pages

  • Re: WindowsIdentity - Invalid token; it cannot be duplicated
    ... Dominick Baier ... So, the login method is common and before that we received the Token, ... IntPtr iToken, string domainName, string userName) ... and why do you have to pass tokens around?? ...
    (microsoft.public.dotnet.security)
  • Re: WindowsIdentity - Invalid token; it cannot be duplicated
    ... Dominick Baier ... So, the login method is common and before that we received the Token, ... IntPtr iToken, string domainName, string userName) ... and why do you have to pass tokens around?? ...
    (microsoft.public.dotnet.security)
  • Re: WindowsIdentity - Invalid token; it cannot be duplicated
    ... So, the login method is common and before that we received the Token, we are ... IntPtr iToken, string domainName, string userName) ... and why do you have to pass tokens around?? ... Dominick Baier ...
    (microsoft.public.dotnet.security)
  • Re: Win 2003 svr/ASP.NET 2.0 UNC share
    ... Dominick Baier ... Developing More Secure Microsoft ASP.NET 2.0 Applications ... Now I need to setup Kerberos between the web1 and fileserver web2. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Exact implementation of PasswordDerivedBytes
    ... Dominick Baier ... Developing More Secure Microsoft ASP.NET 2.0 Applications ... The reflector tool proved to be very powerful in this case. ... hope reflector will help me along, but my expectations are low. ...
    (microsoft.public.dotnet.security)