G
Guest
Hi
I would like to know how to use impersonation, in order to write to a file
on a network share.
The user will be logging on to this web app, and will then click a button
which will write to a file on the network share. Currently though, I am
getting permissions errors. I don't want to set identity impersonate = "true"
because I gather that exposes security weaknesses. Rather, I would like the
user to have to actually enter their windows password. I would then call an
impersonate method, and then try to do it. But it is not working at the
moment, I suspect due to permissions.
Here is the code used to impersonate:
Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean
Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr
If LogonUser(UserName, Domain, Password, LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function
(written in VB.NET, but equally in C#)
Running the same code to write to the text file in a windows forms
application works fine.
This throws a permissions error in ASP.NET, even though the impersonation
method appears to be successful.
Any help much appreciated
Thanks
I would like to know how to use impersonation, in order to write to a file
on a network share.
The user will be logging on to this web app, and will then click a button
which will write to a file on the network share. Currently though, I am
getting permissions errors. I don't want to set identity impersonate = "true"
because I gather that exposes security weaknesses. Rather, I would like the
user to have to actually enter their windows password. I would then call an
impersonate method, and then try to do it. But it is not working at the
moment, I suspect due to permissions.
Here is the code used to impersonate:
Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean
Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr
If LogonUser(UserName, Domain, Password, LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function
(written in VB.NET, but equally in C#)
Running the same code to write to the text file in a windows forms
application works fine.
This throws a permissions error in ASP.NET, even though the impersonation
method appears to be successful.
Any help much appreciated
Thanks