Impersonation problem

Discussion in 'ASP .Net Security' started by Marc Wuergler, Aug 17, 2004.

  1. Hi !

    I'm trying to secure my web application using impersonation within the
    web.config file as follows :

    <identity impersonate="true"
    userName="MyMachine\MyUser"
    password="MyPassword" />

    This gives me the error : Access to
    "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET
    Files\webtests\5586467f\285b6247\hash.web" denied ...

    If I do the same using a user of the domain, then it works ...

    <identity impersonate="true"
    userName="MyDomain\DomainUser"
    password="MyPassword" />

    Any idea about what I'm doing wrong ?


    Of course, once this is working, I'm planning to encrypt this using
    aspnet_setreg.exe and the following web.config entry :
    <identity impersonate="true"
    userName="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,userName"
    password="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,password" />

    Again ... this works with my domain user, but not with the local user
    defined on my machine. By the way, my local user has full control on the web
    application folder

    Thanks for your help
    Marc Wuergler, Aug 17, 2004
    #1
    1. Advertising

  2. Marc Wuergler

    Raterus Guest

    The user you are impersonating with doesn't have access to "C:\winnt\microsoft.net\framework\v1.1.4322\temporary asp.net files", you must give them NTFS permissions to access this directory.

    "Marc Wuergler" <> wrote in message news:...
    > Hi !
    >
    > I'm trying to secure my web application using impersonation within the
    > web.config file as follows :
    >
    > <identity impersonate="true"
    > userName="MyMachine\MyUser"
    > password="MyPassword" />
    >
    > This gives me the error : Access to
    > "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET
    > Files\webtests\5586467f\285b6247\hash.web" denied ...
    >
    > If I do the same using a user of the domain, then it works ...
    >
    > <identity impersonate="true"
    > userName="MyDomain\DomainUser"
    > password="MyPassword" />
    >
    > Any idea about what I'm doing wrong ?
    >
    >
    > Of course, once this is working, I'm planning to encrypt this using
    > aspnet_setreg.exe and the following web.config entry :
    > <identity impersonate="true"
    > userName="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,userName"
    > password="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,password"/>
    >
    > Again ... this works with my domain user, but not with the local user
    > defined on my machine. By the way, my local user has full control on the web
    > application folder
    >
    > Thanks for your help
    >
    >
    Raterus, Aug 17, 2004
    #2
    1. Advertising

  3. Thanks a lot ... it works fine now
    "Raterus" <> a écrit dans le message de
    news:%...
    The user you are impersonating with doesn't have access to
    "C:\winnt\microsoft.net\framework\v1.1.4322\temporary asp.net files", you
    must give them NTFS permissions to access this directory.

    "Marc Wuergler" <> wrote in message
    news:...
    > Hi !
    >
    > I'm trying to secure my web application using impersonation within the
    > web.config file as follows :
    >
    > <identity impersonate="true"
    > userName="MyMachine\MyUser"
    > password="MyPassword" />
    >
    > This gives me the error : Access to
    > "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET
    > Files\webtests\5586467f\285b6247\hash.web" denied ...
    >
    > If I do the same using a user of the domain, then it works ...
    >
    > <identity impersonate="true"
    > userName="MyDomain\DomainUser"
    > password="MyPassword" />
    >
    > Any idea about what I'm doing wrong ?
    >
    >
    > Of course, once this is working, I'm planning to encrypt this using
    > aspnet_setreg.exe and the following web.config entry :
    > <identity impersonate="true"
    > userName="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,userName"
    > password="registry:HKLM\SOFTWARE\MyApp\identity\ASPNET_SETREG,password" />
    >
    > Again ... this works with my domain user, but not with the local user
    > defined on my machine. By the way, my local user has full control on the

    web
    > application folder
    >
    > Thanks for your help
    >
    >
    Marc Wuergler, Aug 18, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kelly D. Jones

    Problem with impersonation and delegation

    Kelly D. Jones, Sep 4, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    1,806
  2. Thomas

    problem using impersonation

    Thomas, Oct 24, 2003, in forum: ASP .Net
    Replies:
    4
    Views:
    437
    Thomas
    Oct 27, 2003
  3. jm
    Replies:
    1
    Views:
    1,910
    bruce barker
    Dec 20, 2003
  4. Replies:
    0
    Views:
    402
  5. hellrazor

    problem with aspnet "impersonation"

    hellrazor, Nov 19, 2004, in forum: ASP .Net
    Replies:
    5
    Views:
    7,781
    Willy Denoyette [MVP]
    Nov 19, 2004
Loading...

Share This Page