q: asp.net: changing logon time to get LOGON32_LOGON_NETWORK_CLEARTEXT ?

Discussion in 'ASP .Net Security' started by Juri Zenkevitch, Nov 26, 2003.

  1. Hi All !

    I get into the problem... My web application, which uses authentication
    mode="Windows", so the app will impersonate under the user, which access
    it's pages. In the application, I do use
    "Microsoft.Win32.RegistryKey.OpenRemoteBaseKey", which fails, because the
    app identity was (probably) logged on w/out the NETWORK_CLEARTEXT flag
    (LogonUser).

    So, the question is: can I change that flag somehow for current application
    identity ? I can not do the LogonUser, because my server-side code do not
    have the password for user, only it's identity (token) in Principal
    object...

    Any ideas ?

    Thank you,

    Yury.
     
    Juri Zenkevitch, Nov 26, 2003
    #1
    1. Advertisements

  2. Err, I meant to say "logon type" in subject :)
     
    Juri Zenkevitch, Nov 26, 2003
    #2
    1. Advertisements

  3. Juri Zenkevitch

    Brian C Guest

    Yury,
    mode="Windows" will not insure that the the app will
    impersonate under the user. However, this will:

    <identity impersonate="true" />

    It is likely that the users are using the local ASPNET
    user.

    Brian
     
    Brian C, Nov 27, 2003
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.