M
maa
How do I adjust the security for a worker thread in asp.net?
Thanks,
maa
Thanks,
maa
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
D
Dominick Baier
could you expand a little bit more on this?
M
maa
I have my main asp.net thread which can access the database using
impersonation=
true. I then create worker threads but they don't have rights to the db and
login fails. Is there a way to delegate/transfer the creating thread rights
to the worker thread?
Thanks,
maa
impersonation=
true. I then create worker threads but they don't have rights to the db and
login fails. Is there a way to delegate/transfer the creating thread rights
to the worker thread?
Thanks,
maa
D
Dominick Baier
Yes. It depends how you create the threads. There is also a config switch
see here: http://www.leastprivilege.com/WhatIsAspnetconfig.aspx
see here: http://www.leastprivilege.com/WhatIsAspnetconfig.aspx
M
maa
Dominick,
This will eventually go on a client site so the config switch is not
accessible. I am using C#/.Net 2.0 so I can possible change the create thread
to allow the rights to flow. Is that possible?
In other words I have access programmatically to set the rights/context for
the new thread.
Thanks,
maa
This will eventually go on a client site so the config switch is not
accessible. I am using C#/.Net 2.0 so I can possible change the create thread
to allow the rights to flow. Is that possible?
In other words I have access programmatically to set the rights/context for
the new thread.
Thanks,
maa
D
Dominick Baier
I am confused. Are you talking about ASP.NET or clients?
In general impersonation information flows to newly created threads by default
since .net 2.0.
ASP.NET is an exception here because it was considered as a breaking change
- thats why there is the config file to opt-in to the new behavior.
How do you create the thread?
In general impersonation information flows to newly created threads by default
since .net 2.0.
ASP.NET is an exception here because it was considered as a breaking change
- thats why there is the config file to opt-in to the new behavior.
How do you create the thread?
D
Dominick Baier
ah and btw - the account need the SeImpersonatePrivilege to make impersonation
work.
work.
M
maa
I am working in Asp.Net. When I create the threads, the threads can not
access the database. Sorry for the confusion.
Thanks,
maa
access the database. Sorry for the confusion.
Thanks,
maa
M
maa
Thread t1 = new Thread(new ParameterizedThreadStart(VAD));
t1.Start(threadArgs);
t1.Start(threadArgs);
D
Dominick Baier
simply do a
string username = WindowsIdentity.GetCurrent().Name in your thread proc to
see if the impersonation token has been flowed.
or add a watch for $user to the debug watch window
string username = WindowsIdentity.GetCurrent().Name in your thread proc to
see if the impersonation token has been flowed.
or add a watch for $user to the debug watch window
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Similar Threads
Forum statistics
Latest Threads
-
Can I stop HTTPS?
- Started by IBMJunkman
-
Stephanie Beaudeau Emsworth is Running a Prostitution Ring
- Started by verona
-
Reverse search for a website
- Started by DRCM
-
What are the key advantages of using a SaaS (Software as a Service) model for application development?
- Started by remotedevelopers
-
How to build a database-driven web page
- Started by av3mar1a153
-
Hola
- Started by luuciefer
-
Using a DTSX file with GoDaddy
- Started by IBMJunkman