I
Iain Mcleod
Hi
I'm using protocol transition to create user accounts in an ASP.NET context.
The login seems to be working ok, but I'm getting a nasty security exception
"Attempted to perform an unauthorized operation" (see stacktrace).
I get the same error message in the debugger when I quick watch
httpcontext.current.user.identity, AuthenticationType property (it's a
WindowsIdentity with name=CONTOSO\Administrator and IsAuthenticated=True).
(In the code example, request is a HttpWorkerRequest object and
GetUserName() function returns a username of the form "(e-mail address removed)")
The wierd thing is that there only seems to be a problem with an identity
constructed using protocol transition (i.e. the following):
Dim user as WindowsIdentity = New
WindowsIdentity(GetUserName(request.GetServerVariable("LOGON_USER")))
If I construct the user using NTLM it works perfectly:
Dim user as WindowsIdentity = New WindowsIdentity(request.GetUserToken(),
request.GetServerVariable("AUTH_TYPE"), WindowsAccountType.Normal, True)
Here is the exception I get:
----------------------------------------------------------
Attempted to perform an unauthorized operation.
at System.Security.Principal.WindowsIdentity.get_AuthenticationType()
at System.Web.HttpRequest.CalcDynamicServerVariable(DynamicServerVariable
var)
at System.Web.HttpServerVarsCollectionEntry.GetValue(HttpRequest request)
at System.Web.HttpServerVarsCollection.GetServerVar(Object e)
at System.Web.HttpServerVarsCollection.Get(Int32 index)
at System.Web.HttpServerVarsCollection.GetValues(Int32 index)
at
System.Collections.Specialized.NameValueCollection.Add(NameValueCollection c)
at System.Web.HttpRequest.FillInParamsCollection()
at System.Web.HttpRequest.GetParams()
at System.Web.HttpRequest.get_Params()
----------------------------------------------------------------
Any ideas anyone?
Thanks
Iain Mcleod
I'm using protocol transition to create user accounts in an ASP.NET context.
The login seems to be working ok, but I'm getting a nasty security exception
"Attempted to perform an unauthorized operation" (see stacktrace).
I get the same error message in the debugger when I quick watch
httpcontext.current.user.identity, AuthenticationType property (it's a
WindowsIdentity with name=CONTOSO\Administrator and IsAuthenticated=True).
(In the code example, request is a HttpWorkerRequest object and
GetUserName() function returns a username of the form "(e-mail address removed)")
The wierd thing is that there only seems to be a problem with an identity
constructed using protocol transition (i.e. the following):
Dim user as WindowsIdentity = New
WindowsIdentity(GetUserName(request.GetServerVariable("LOGON_USER")))
If I construct the user using NTLM it works perfectly:
Dim user as WindowsIdentity = New WindowsIdentity(request.GetUserToken(),
request.GetServerVariable("AUTH_TYPE"), WindowsAccountType.Normal, True)
Here is the exception I get:
----------------------------------------------------------
Attempted to perform an unauthorized operation.
at System.Security.Principal.WindowsIdentity.get_AuthenticationType()
at System.Web.HttpRequest.CalcDynamicServerVariable(DynamicServerVariable
var)
at System.Web.HttpServerVarsCollectionEntry.GetValue(HttpRequest request)
at System.Web.HttpServerVarsCollection.GetServerVar(Object e)
at System.Web.HttpServerVarsCollection.Get(Int32 index)
at System.Web.HttpServerVarsCollection.GetValues(Int32 index)
at
System.Collections.Specialized.NameValueCollection.Add(NameValueCollection c)
at System.Web.HttpRequest.FillInParamsCollection()
at System.Web.HttpRequest.GetParams()
at System.Web.HttpRequest.get_Params()
----------------------------------------------------------------
Any ideas anyone?
Thanks
Iain Mcleod