Problem with PrincipalPermission Attribute (cannot resolve IsInRole)

P

Peter Zuber

Hi, I have the following problem...

Pre-requisites:
Installation of an Asp.net webservice on a IIS5 server (win2k). Anonymous
access is not allowed, only using windows authentication (intranet app),
webmethods are using the Principalpermssion attribute
([PrincipalPermission(SecurityAction.Demand,
Role=@"DomainName\WindowsGroup...")]) for identification.

Result --> It works fine on my PC but not on the server

When I change the to [PrincipalPermission(SecurityAction.Demand,
name=@"DomainName\Windowsuser...")]) -> it runs fine

--> conclusion: IIS cannot determine if a user belongs to an AD group -->
IPrincipal.IsInRole(@"DomainName\WindowsGroup") is always FALSE!

I already found an article on the web
(http://www.kbalertz.com/kb_894432.aspx --> web dir is UNC share), but
didn't solved the problem...

Does anyone know more about this issue?
 
J

Joe Kaplan \(MVP - ADSI\)

Just out of curiosity, does it start working if you enable impersonation in
web.config?

Joe K.
 
P

Peter Zuber

Yes, impersonation is enabled

Joe Kaplan (MVP - ADSI) said:
Just out of curiosity, does it start working if you enable impersonation in
web.config?

Joe K.

Peter Zuber said:
Hi, I have the following problem...

Pre-requisites:
Installation of an Asp.net webservice on a IIS5 server (win2k). Anonymous
access is not allowed, only using windows authentication (intranet app),
webmethods are using the Principalpermssion attribute
([PrincipalPermission(SecurityAction.Demand,
Role=@"DomainName\WindowsGroup...")]) for identification.

Result --> It works fine on my PC but not on the server

When I change the to [PrincipalPermission(SecurityAction.Demand,
name=@"DomainName\Windowsuser...")]) -> it runs fine

--> conclusion: IIS cannot determine if a user belongs to an AD group -->
IPrincipal.IsInRole(@"DomainName\WindowsGroup") is always FALSE!

I already found an article on the web
(http://www.kbalertz.com/kb_894432.aspx --> web dir is UNC share), but
didn't solved the problem...

Does anyone know more about this issue?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top