Network File access using anonymous access

[Tim Menninger]

I have seen a number of entries related to accessing remote resources (files
in my case) that need to reside on a remote server. We must leave our files
on a remote server due to their size. All of the solutions that I have run
across have used impersonation with some type of windows or forms based
security in the ASP.NET application. Our application does not require user
authentication so we use never collect usernames and passwords. The
application trying to access the remote resource is a webservice but I do
not want to grant the entire web service access to the remote resource.

Is there a way to set full access to a particular remote resource directory
that the ASPNET user has access to or a way to specify a username and
password at runtime when I access the remote resource?

Thanks,

Tim

 

[Jim Cheshire [MSFT]]

Hi Tim,

There are several ways to accomplish this, but the most secure method is
code-level impersonation. Essentially, you call the LogonUser API and
impersonate a user with access to the remote share. After you do your
work, you revert to running under the ASPNET user.

Here's an article that describes how you can do that:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;306158

Jim Cheshire [MSFT]
MCP+I, MCSE, MCSD, MCDBA
Microsoft Developer Support
(e-mail address removed)

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------

 

[Raterus]

First off, you can't set permissions for the aspnet user on a remote computer, it is a computer-level account, not a domain account. Take a look at this article

http://support.microsoft.com/default.aspx?scid=kb;en-us;306158

You can specify a domain username/password using the second example on this page, and access the remote resource only when you need it. All the other times, the webservice won't have any access.

--Michael