ASP.NET App with Unmanaged Code - HELP!

Discussion in 'ASP .Net Security' started by Ted, Dec 10, 2004.

  1. Ted

    Ted Guest

    I think the following is a security configuration issue, can someone help?
    I've been stumped on this for a couple of days now and I'm feeling the heat
    at work.

    --

    I'm using a 3rd party ActiveX control which has it's own constructor and two
    very simple methods (which ultimately sends out messages on the server's USB
    port). I am trying to run this ActiveX component in my ASP.NET applicaiton.
    For now, I'm testing this application via *localhost* connection, but will
    eventually go to a client/server domain.

    At first, within the Page_Load method, I successfully instantiate it using
    the constructor -- no exceptions caught:
    try
    {
    oABC = new ABCClass();
    Response.Write("oABC object was created");
    }
    catch ..

    Later, upon a button press, I try to use the method(s) within oABC -- again,
    it appears everything works - no exceptions caught:
    try
    {
    Object err;
    err = oABC.Method1( "xxx", "xxx", null, null);
    Response.Write("Method1 Succeeded - err = " + err.ToString());
    }
    catch ...

    *BUT*, Method1 doesn't appear to send out a USB message.

    *HOWEVER*, Method1 works fine in console C# app called directly from the
    command line or if I surf to a VBScript/HTML file with the method call,
    which presumably uses the ActiveX on the client's IE container. In both of
    these cases the USB port receives/sends the messages.

    Right now, IIS is running Anonymous Authentication (though Windows
    Authentication is also checked in the dialog box), ASP.NET is running
    Windows Authentication. Impersonation is not set (default=false). No
    application identities set. Also, I have no CAS settings assigned. I think
    this means that the calling process would be System process -- shouldn't
    this have all the rights required?

    If the unmanaged code is accessing files, I/O, etc. does the calling
    assembly need to provide access?

    Any recommendations?

    Ted
    Ted, Dec 10, 2004
    #1
    1. Advertising

  2. Ted

    Kaustav Guest

    Hi Ted,

    use impersonation and your code should work. By default ASPNET account has
    the least privileges and hence pretty often it is not able to execute various
    methods which are otherwise possible when you are using a Console App or a
    Winforms App since then such applications are running on the Security Context
    of the logged in user.

    HTH.

    Kaustav Neogy.

    "Ted" wrote:

    > I think the following is a security configuration issue, can someone help?
    > I've been stumped on this for a couple of days now and I'm feeling the heat
    > at work.
    >
    > --
    >
    > I'm using a 3rd party ActiveX control which has it's own constructor and two
    > very simple methods (which ultimately sends out messages on the server's USB
    > port). I am trying to run this ActiveX component in my ASP.NET applicaiton.
    > For now, I'm testing this application via *localhost* connection, but will
    > eventually go to a client/server domain.
    >
    > At first, within the Page_Load method, I successfully instantiate it using
    > the constructor -- no exceptions caught:
    > try
    > {
    > oABC = new ABCClass();
    > Response.Write("oABC object was created");
    > }
    > catch ..
    >
    > Later, upon a button press, I try to use the method(s) within oABC -- again,
    > it appears everything works - no exceptions caught:
    > try
    > {
    > Object err;
    > err = oABC.Method1( "xxx", "xxx", null, null);
    > Response.Write("Method1 Succeeded - err = " + err.ToString());
    > }
    > catch ...
    >
    > *BUT*, Method1 doesn't appear to send out a USB message.
    >
    > *HOWEVER*, Method1 works fine in console C# app called directly from the
    > command line or if I surf to a VBScript/HTML file with the method call,
    > which presumably uses the ActiveX on the client's IE container. In both of
    > these cases the USB port receives/sends the messages.
    >
    > Right now, IIS is running Anonymous Authentication (though Windows
    > Authentication is also checked in the dialog box), ASP.NET is running
    > Windows Authentication. Impersonation is not set (default=false). No
    > application identities set. Also, I have no CAS settings assigned. I think
    > this means that the calling process would be System process -- shouldn't
    > this have all the rights required?
    >
    > If the unmanaged code is accessing files, I/O, etc. does the calling
    > assembly need to provide access?
    >
    > Any recommendations?
    >
    > Ted
    >
    >
    >
    Kaustav, Dec 15, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sacha Korell
    Replies:
    0
    Views:
    691
    Sacha Korell
    Jul 25, 2003
  2. =?Utf-8?B?UHJpeWE=?=

    call a unmanaged dll in ASP.NET app

    =?Utf-8?B?UHJpeWE=?=, Oct 28, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    2,827
    CJ Taylor
    Oct 28, 2004
  3. =?Utf-8?B?c2h5YW0=?=
    Replies:
    2
    Views:
    703
    =?Utf-8?B?c2h5YW0=?=
    May 22, 2006
  4. GAH
    Replies:
    0
    Views:
    494
  5. Mark Duregon

    Access File Share from ASP.NET using Unmanaged Code

    Mark Duregon, Jul 14, 2004, in forum: ASP .Net Security
    Replies:
    13
    Views:
    244
    Yan-Hong Huang[MSFT]
    Jul 19, 2004
Loading...

Share This Page