Start external Process under different user account in ASP.NET???

[Shawn Anderson]

Does anyone know how to get Process.Start() to use the security context of
the user that my ASP.NET app is impersonating? It seems that it is always
run as the ASPNET User no matter what I do.

I know that I can look into CreateProcessWithLogonW, but I really do not
want to ask and store a users password.

Anyone have any thoughts?

Thanks
Shawn

 

[bruce barker]

you should use CreateProcessWithTokenW. you will have use DuplicateToken to
get a primary token necessary for the call.

-- bruce (sqlwork.com)

 

[Shawn Anderson]

Excellent Idea -- only one major problem: It only works on Windows 2003.

Any other thoughts that will work on atleast Windows 2000?

Shawn

 

[Joe Kaplan \(MVP - ADSI\)]

For one thing, you need a primary token to create a process, but to get a
primary token, you need a plain text password.

In a separate thread, we were just discussing getting our the Win2K security
issue by calling the runas service, but that still requires a plain text
password.

Can you get around asking for the pwd from the user? Maybe you could switch
to Basic authentication and SSL so that you would have it.

Joe K.

 

[Shawn Anderson]

Unfortunately it is a requirement to have "pass-through" authentication.
Asking for the password breaks that.

 

[Guest]

Shawn see my thread Access File Share from ASP.NET using Unmanaged Code which may solve your problem but of course I have found that has issues as well which is obviously the reason for my post.

 

[Shawn Anderson]

And where might I find this thread?

Shawn

Shawn see my thread Access File Share from ASP.NET using Unmanaged Code
which may solve your problem but of course I have found that has issues as
well which is obviously the reason for my post.

 

[Guest]

in this news group I posted it about and hour ago.