System.Security.Principal.WindowsIdentity.GetCurrent()

Discussion in 'ASP .Net Security' started by Jeremy Chapman, Sep 9, 2005.

  1. I have a web application which calls a web service, which calls a method in
    an assembly of it's bin directory.
    The web application and web service use windows authentication with windows
    impersonation set in the web.config files. In IIS, these virtual
    directories have anonymous access turned off.

    I am debugging, and stepping through all the code, If I inspect
    System.Security.Principal.WindowsIdentity.GetCurrent().Name I will see my
    windows account name and domain in both the web application and the web
    service. But when I step into the code in the assembly being called by the
    web service, the System.Security.Principal.WindowsIdentity.GetCurrent().Name
    contains my machine name. Why would code in the assembly run under a
    different context?
    Jeremy Chapman, Sep 9, 2005
    #1
    1. Advertising

  2. How are you invoking the code in the assembly that is "called by the web
    service"?


    "Jeremy Chapman" <> wrote in message
    news:%23MDVe$...
    >I have a web application which calls a web service, which calls a method in
    >an assembly of it's bin directory.
    > The web application and web service use windows authentication with
    > windows impersonation set in the web.config files. In IIS, these virtual
    > directories have anonymous access turned off.
    >
    > I am debugging, and stepping through all the code, If I inspect
    > System.Security.Principal.WindowsIdentity.GetCurrent().Name I will see my
    > windows account name and domain in both the web application and the web
    > service. But when I step into the code in the assembly being called by
    > the web service, the
    > System.Security.Principal.WindowsIdentity.GetCurrent().Name contains my
    > machine name. Why would code in the assembly run under a different
    > context?
    >
    Nicole Calinoiu, Sep 9, 2005
    #2
    1. Advertising

  3. I reference the assembly from my web service project, and in the code of the
    web method, I instatiate a class contained in that assembly and do a method
    call.

    "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
    news:...
    > How are you invoking the code in the assembly that is "called by the web
    > service"?
    >
    >
    > "Jeremy Chapman" <> wrote in message
    > news:%23MDVe$...
    >>I have a web application which calls a web service, which calls a method
    >>in an assembly of it's bin directory.
    >> The web application and web service use windows authentication with
    >> windows impersonation set in the web.config files. In IIS, these virtual
    >> directories have anonymous access turned off.
    >>
    >> I am debugging, and stepping through all the code, If I inspect
    >> System.Security.Principal.WindowsIdentity.GetCurrent().Name I will see my
    >> windows account name and domain in both the web application and the web
    >> service. But when I step into the code in the assembly being called by
    >> the web service, the
    >> System.Security.Principal.WindowsIdentity.GetCurrent().Name contains my
    >> machine name. Why would code in the assembly run under a different
    >> context?
    >>

    >
    >
    Jeremy Chapman, Sep 9, 2005
    #3
  4. Unless you've got a RevertToSelf or impersonation in there somewhere, this
    is pretty odd since the code is presumably executing in the context of the
    web service process. Might you be able to provide a simple sample (à la
    http://www.yoda.arachsys.com/csharp/complete.html) that duplicates the
    problem?


    "Jeremy Chapman" <> wrote in message
    news:...
    >I reference the assembly from my web service project, and in the code of
    >the web method, I instatiate a class contained in that assembly and do a
    >method call.
    >
    > "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
    > news:...
    >> How are you invoking the code in the assembly that is "called by the web
    >> service"?
    >>
    >>
    >> "Jeremy Chapman" <> wrote in message
    >> news:%23MDVe$...
    >>>I have a web application which calls a web service, which calls a method
    >>>in an assembly of it's bin directory.
    >>> The web application and web service use windows authentication with
    >>> windows impersonation set in the web.config files. In IIS, these
    >>> virtual directories have anonymous access turned off.
    >>>
    >>> I am debugging, and stepping through all the code, If I inspect
    >>> System.Security.Principal.WindowsIdentity.GetCurrent().Name I will see
    >>> my windows account name and domain in both the web application and the
    >>> web service. But when I step into the code in the assembly being called
    >>> by the web service, the
    >>> System.Security.Principal.WindowsIdentity.GetCurrent().Name contains my
    >>> machine name. Why would code in the assembly run under a different
    >>> context?
    >>>

    >>
    >>

    >
    >
    Nicole Calinoiu, Sep 10, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Um9nZXI=?=

    WindowsIdentity.GetCurrent()

    =?Utf-8?B?Um9nZXI=?=, Apr 13, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    804
    =?Utf-8?B?Um9nZXI=?=
    Apr 13, 2006
  2. Replies:
    0
    Views:
    540
  3. Shary
    Replies:
    3
    Views:
    439
    Nicole Calinoiu
    Dec 14, 2004
  4. Robert Phillips

    Access is denied in WindowsIdentity.GetCurrent

    Robert Phillips, Jan 13, 2005, in forum: ASP .Net Security
    Replies:
    0
    Views:
    153
    Robert Phillips
    Jan 13, 2005
  5. Marco Herrn

    Access Denied on WindowsIdentity.GetCurrent()

    Marco Herrn, Mar 7, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    181
    Paul Clement
    Mar 7, 2005
Loading...

Share This Page