Re: IIS Filters and SF_NOTIFY_AUTH_COMPLETE Notification

From: Pat (patfilot@online.microsoft.com)
Date: 09/19/02 

From: "Pat" <patfilot@online.microsoft.com>
Date: Thu, 19 Sep 2002 09:57:46 GMT

A few thoughts:

1) You should be creating a separate thread to handle this call, b/c all COM
calls are synchronous, and you are tying up a listener thread for a long
time.

2) How are you creating the COM object? Can you post the CCI call? Are you
doing anything before the CCI call (maybe something is calling
RevertToSelf() on you)?

3) Have you tested your code w/out authenticating a user. Just to see if
the COM+ object was being created w/the IUser context?

Pat

"Pierre Bisaillon" <pierrebizz@hotmail.com> wrote in message
news:OdNmKroXCHA.460@tkmsftngp11...
> Sorry for the crosspost, but I'm a bit desperate!
>
> I was wondering if anyone had any clues regarding how to use the user's
> token
> returned by the GetUserToken() method of the
HTTP_FILTER_AUTH_COMPLETE_INFO
> structure,
> in order to impersonate the said user.
>
> Here is what i do:
>
> I impersonate the user by calling SetThreadToken(0, hUser);
>
> SetThreadToken returns TRUE, indicating it succeeded, and i can see that
the
> user is properly set by calling OpenThreadToken(GetCurrentThread()...) ...
> GetTokenInformation ... LookupAccountSid ... CloseHandle.
>
> I then create some COM+ objects running in a COM+ application on the same
> machine as the IIS user
>
> The problem is that I do not get the identity of the impersonated user in
> the COM+ Application, but NT AUTHORITY\System user instead.
>
> Thanking you in advance,
>
> Pierre
>
>

Relevant Pages

  • Re: Remote call to COM impersonating another user
    ... This can be done by calling "CoInitializeSecurity" using PInvoke, when calling CoInitializeSecurity you'll have to set "DynamicCloaking" and the "Impersonate" level for proxies in order to be able to impersonate the "caller" at the server. ... IntPtr asAuthSvc, ...
    (microsoft.public.dotnet.languages.csharp)
  • RE: Occasional SecurityException when impersonating a user on a new th
    ... Why don't you just use SQL server authentication? ... it won't matter what the identity is of the calling thread. ... the new thread impersonate the local user so that the thread will be ... executes a long running task in a separate thread and refresh the ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Windows 2003 Event logging
    ... >Reading MSDN it is a permissions issue. ... >> want to have a separate thread that writes to event log. ... >> This thread would have to impersonate as ...
    (borland.public.delphi.nativeapi)
  • IIS Filters and SF_NOTIFY_AUTH_COMPLETE Notification
    ... but I'm a bit desperate! ... I was wondering if anyone had any clues regarding how to use the user's ... I impersonate the user by calling SetThreadToken ... user is properly set by calling OpenThreadToken...) ... ...
    (microsoft.public.inetserver.iis.security)
  • Re: Break thread sleep
    ... I'm not sure if I really need to make separate thread for it. ... (And tell you the truth I don't even know how. ... That perforTask takes ... On what thread are you calling this "performTask", is it on the UI thread or on another thread? ...
    (microsoft.public.dotnet.languages.csharp)