To obtain Web Service security context

Discussion in 'ASP .Net Security' started by Oleg Boldyrev, Apr 18, 2005.

  1. Hello all!

    I'd like to to impersonate the domain account a web service runs under. I
    need this to do a trusted connection to SQL Server.
    The current settings for the ASP.NET app are windows authentication and
    impersonation. So if I do a trusted connection to SQL Server it would be
    in the context of the current user which I don't want.
    I like the approach with no global impersonation setting and manual
    impersonation when nessessary, like was advised here, but that I can't
    change the current global settings because the project is not mine and far
    under way, I'm afraid to break something :-\
    I feel I would be happy if I could obtain the WindowsImpersonationContext
    for the account which runs the working process. If sombody could tell me how
    to do this. In fact, all I want to do is to change the current security
    context to that of the worker process, execute a sql query and then revert
    to the previous context.
    I don't want to explicitly set the credentials of any account. Is it
    possible?
     
    Oleg Boldyrev, Apr 18, 2005
    #1
    1. Advertising

  2. Did you see the sample that Brock posted here that shows the trick of
    impersonating the null token (which results essentially in "revert to self")
    and then undoing the impersonation context to start the impersonation back
    up? This sounds like what you need.

    Joe K.

    "Oleg Boldyrev" <> wrote in message
    news:%...
    > Hello all!
    >
    > I'd like to to impersonate the domain account a web service runs under. I
    > need this to do a trusted connection to SQL Server.
    > The current settings for the ASP.NET app are windows authentication and
    > impersonation. So if I do a trusted connection to SQL Server it would be
    > in the context of the current user which I don't want.
    > I like the approach with no global impersonation setting and manual
    > impersonation when nessessary, like was advised here, but that I can't
    > change the current global settings because the project is not mine and
    > far under way, I'm afraid to break something :-\
    > I feel I would be happy if I could obtain the WindowsImpersonationContext
    > for the account which runs the working process. If sombody could tell me
    > how to do this. In fact, all I want to do is to change the current
    > security context to that of the worker process, execute a sql query and
    > then revert to the previous context.
    > I don't want to explicitly set the credentials of any account. Is it
    > possible?
    >
    >
     
    Joe Kaplan \(MVP - ADSI\), Apr 21, 2005
    #2
    1. Advertising

  3. Yes, I did! It's exactly what i need.
    Thank you, Joe, thank you, Brock.

    "Joe Kaplan (MVP - ADSI)" <> wrote
    in message news:...
    > Did you see the sample that Brock posted here that shows the trick of
    > impersonating the null token (which results essentially in "revert to
    > self") and then undoing the impersonation context to start the
    > impersonation back up? This sounds like what you need.
    >
    > Joe K.
    >
    > "Oleg Boldyrev" <> wrote in message
    > news:%...
    >> Hello all!
    >>
    >> I'd like to to impersonate the domain account a web service runs under. I
    >> need this to do a trusted connection to SQL Server.
    >> The current settings for the ASP.NET app are windows authentication and
    >> impersonation. So if I do a trusted connection to SQL Server it would
    >> be in the context of the current user which I don't want.
    >> I like the approach with no global impersonation setting and manual
    >> impersonation when nessessary, like was advised here, but that I can't
    >> change the current global settings because the project is not mine and
    >> far under way, I'm afraid to break something :-\
    >> I feel I would be happy if I could obtain the WindowsImpersonationContext
    >> for the account which runs the working process. If sombody could tell me
    >> how to do this. In fact, all I want to do is to change the current
    >> security context to that of the worker process, execute a sql query and
    >> then revert to the previous context.
    >> I don't want to explicitly set the credentials of any account. Is it
    >> possible?
    >>
    >>

    >
    >
     
    Oleg Boldyrev, Apr 21, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. VS_NET_DEV
    Replies:
    2
    Views:
    3,839
    jenny
    May 25, 2004
  2. =?Utf-8?B?U3VuU21pbGU=?=
    Replies:
    0
    Views:
    723
    =?Utf-8?B?U3VuU21pbGU=?=
    Jan 10, 2006
  3. Flip Rayner
    Replies:
    1
    Views:
    738
    bruce barker
    Jan 23, 2007
  4. asd
    Replies:
    1
    Views:
    455
    www.pulpjava.com
    Nov 9, 2006
  5. Jani Tiainen
    Replies:
    3
    Views:
    1,058
    Jani Tiainen
    Aug 27, 2007
Loading...

Share This Page