Karl
Will a forms authentication allow me to impersonate a user?
I am working on an application that will run on a kiosk, and allow a user to
log in and view their home directory.
I have a form with the new login control which works great.
I get logged in, and find the user's home directory.
I then write "Click here to access your home directory", and include a file
URL pointing to the home directory.
All of this works, until the user clicks the link. At this point, a user
cannot access their user drive without logging in again.
So, now I am trying to map a drive using WNetAddConnection2A, and it fails
with an error 5 on my development PC (Access Denied).
I get a FormsAuthentication ticket via
    FormsIdentity fi = (FormsIdentity)User.Identity;
    FormsAuthenticationTicket fat = fi.Ticket;
fat.Name populates correctly.
Then, I call WNetAddConnection2A using the structure of:
    dwType = RESOURCETYPE_DISK
    lpLocalName = "m:"
    lpRemoteName = "\\\\usawvfs04\\userskl\\karlm"
    lpProvider = null
My lpPassword is null, my lpUsername I set to fat.Name.ToString().
I do not set any dwFlags.
If I hard code my own null terminated username and password, I get an error
1312 (ERROR_NO_SUCH_LOGON_SESSION).
Here is the relevant code:
    FormsIdentity fi = (FormsIdentity)User.Identity;
    FormsAuthenticationTicket fat = fi.Ticket;
    IIdentity WinId = HttpContext.Current.User.Identity;
    try
    {
        char[] splitter = { '\\' };
        string SearchString = "";
        // Access resources using the identity of the authenticated user
        DirectoryEntry obEntry = new DirectoryEntry("LDAP:servername/DC=/DC=/DC=");
        SearchString = "anr=" + fi.Ticket.Name.ToString();
        DirectorySearcher search = new DirectorySearcher(obEntry, SearchString);
        SearchResult res = search.FindOne();
        strUserDrive = (string)res.Properties["homedirectory"][0];
        Response.Write("Hello, " + (string)res.Properties["givenname"][0] + ".");
        Response.Write("<br/><br/>Your User Drive is now available.<br/>");
        NETRESOURCEA[] n = new NETRESOURCEA[1];
        n[0] = new NETRESOURCEA();
        n[0].dwType = 1;
        int dwFlags = 1;
        n[0].lpLocalName = @"m:";
        n[0].lpRemoteName = (string)res.Properties["homedirectory"][0];
        n[0].lpProvider = null;
        // FAILS HERE:
        int result = CMyMprTest.WNetAddConnection2A(n, null, fi.Name, dwFlags);
        Response.Write("<br/>Click here to access your <a href=file://m:> user drive</a>");
        Response.Write("<br/><br/>Remember to click Logout when you are done with your user drive.");