Accessing network files from an external process

R

Raterus

Here is a good problem I'm hoping someone can help me with. Let me start out with my configuration.

I have an asp.net application, integrated windows authentication. Delegation is set up on my webserver to allow access to remote resources, it works great from within asp.net.

I'm trying to work in an external command-line program, which will access files on the network. For this I'm using System.Diagnostics.Process. I'm positive I've set this up correctly to run the command, but the error I'm receiving from the program is that it can't open files that I'm setting in command line parameters. If I run the exact same command w/parameters by hand, it works great, and I know the files I'm specifying do infact exist.

Sounds like a security problem to me, I have identity impersonate="true" set, also my Authentication mode is set to "Windows" in web.config.

How can I allow this external process to execute under the same context as my authenticated user, so this process can access any network files my asp.net application can?

Thanks for any help!
--Michael
 
A

avnrao

when you impersonate the logged in user and access some external process,
external process does not run under impersonated user. rather it runs under
the configured identity (ASPNet account).

you need to explicitly impersonate by calling LogonUser.
check the code here :
http://www.informit.com/articles/article.asp?p=169580&seqNum=2

Av.

Here is a good problem I'm hoping someone can help me with. Let me start
out with my configuration.

I have an asp.net application, integrated windows authentication.
Delegation is set up on my webserver to allow access to remote resources, it
works great from within asp.net.

I'm trying to work in an external command-line program, which will access
files on the network. For this I'm using System.Diagnostics.Process. I'm
positive I've set this up correctly to run the command, but the error I'm
receiving from the program is that it can't open files that I'm setting in
command line parameters. If I run the exact same command w/parameters by
hand, it works great, and I know the files I'm specifying do infact exist.

Sounds like a security problem to me, I have identity impersonate="true"
set, also my Authentication mode is set to "Windows" in web.config.

How can I allow this external process to execute under the same context as
my authenticated user, so this process can access any network files my
asp.net application can?

Thanks for any help!
--Michael
 
R

Raterus

I ended up working around my problem by this, it will only work in certain situations though. The external process I was trying to run only needed access to certain "secure" files, I copied these files from the secure resources to a temporary folder on the webserver, then ran the external process using these copied files. After I was done I deleted them. Worked great, and I avoided the mess of using all these LogonUser/SecurityDelegation/DuplicateTokenEx stuff!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

I want to simulate social network activity. How to approach the problem? 1
best practice for accessing a network share from IIS 2
Python - forking an external process? 5
Trying to access hdml from an open browser using Python. 1
Accessing network files 2
Find and count strings of text from multiple files 17
I need help in understanding these files on my phone, Could someone help me understand these files? Urgent help needed. Please help. 1
Suggestions on building an AI? 0

Members online

No members online now.
Total: 21 (members: 0, guests: 21)
Robots: 233

Forum statistics

Threads
473,767
Messages
2,569,570
Members
45,045
Latest member
DRCM

Latest Threads

Top