impersonation

问题 When a user browses to a ASP.NET website, is the user impersonating the ASPNET account or the account specified in IIS->Directory Security->Account used for anonymous access (EX: IUSR_XXX ) My website writes files to the disk and I was wondering which of these accounts need write access to the folder? Also, can someone explain how the impersonate element in the web.config ties into all this? Thanks! 回答1: If impersonation is enabled in an ASP.NET application then: If anonymous access is

问题 I have developed a multi-platform desktop application in python and PyQt and in it i want to implement the concept of impersonation. I have a requirement where user selects a file and the the application will check for naming conventions and other things. If everythin is fine then it copies the file in a server where only impersonate user lets say (user123) has full permissions other has only read permissions. I could able to achieve this in windows by using win32security and win32con TO

问题 I have an ASP.NET app using Windows authentication, and I'm testing for the existence of a file on a remote server. I'm authenticating as MYDOMAIN\my.username - this works. The file is \MYSERVER\WebShare\example.txt. This file exists. I can open it from various hosts whilst logged in as MYDOMAIN\my.username. Under Windows Explorer, the effective permissions indicate that MYDOMAIN\my.username has full control of this file. If I attach a debugger and type $user in the watch window, I can see

问题 How can Install a windows services with c# code I have using the Administrator privilege account I have? Please note that:- The following classes are download from different sources and from other programmers work from this site. I don't want to claim any of this work as mine. I am using it so I would like to thank them though The following is my service install class public static class ServiceInstaller { private const int STANDARD_RIGHTS_REQUIRED = 0xF0000; private const int SERVICE_WIN32

问题 I am trying to have my ASP.net application access a UNC path, however I am getting file denied errors. If I try this where the application is on my local machine, it works, if I run it in the browser, where the application is deployed, it works fine. However when I try to access the website from my machine to my IIS box, which then in-turn accesses the file server, I can Access Denied errors. I've checked that ASP.Net is actually impersonatinh as me, and it seems to be that seems to be the

问题 How can I get the Access Token for the user that created the process that called my application? I need to use that Token for impersonation, the idea is to access a file in that users applicationData. P.S. The application that will be impersonating the user is a service running under System. 回答1: Check MSDN, all this API is well documented. You probably want to do something like this: HANDLE thisToken, thisProcess; thisProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );

问题 I have an MVC web application that is supposed to allow users to download files that are stored as UNC paths in a database. These files can be in any number of locations on remote servers/shares. E.g. Server 1 hosts the web application that is used to download a file stored on Server 2 I do not want to give permissions to these folders to the hosting service account, as the security should be dependent on what the user has access to. Therefore, I'm attempting to use Impersonation to retrieve

问题 The app is running using impersonation and windows authentication. What is the difference of what i've got in the three cases? System.Threading.Thread.CurrentPrincipal.Identity as WindowsIdentity WindowsIdentity.GetCurrent() ((HttpContext) context).User.Identity as WindowsIdentity 回答1: Here you have all the different posibilites. In your case you'll get the same for all 3 (Domain\UserName) 来源： https://stackoverflow.com/questions/6387589/different-ways-to-get-windowsidentity-with-impersonation

问题 I am having a problem with I think impersonation, but I could be mistaken. I have an IBM XMS consumer, consuming data from a queue. Works fine. In order to be granted access to the queue the service needs to be running as specific user, for this I have implemented .Net impersonation. On all systems I am able to get the queue running, the problem occurs when there is a need to restart. To test restart I have placed a simple if(messages == 500) throw... which triggers cancellation,

问题 I have a web application hosted by IIS. it is configured with Form Authentication and Anonymous authentication, and Impersonation is enabled. App Pool account is Network Service. Anonymous account is Costa. Costa is having access to database. NetworkService cannot access database. The problem is that Request thread (parent thread) can access the database but sub thread cannot. To fix this. I send windows identity object of main thread to sub thread, then I call Impersonate(). Impersonate