How to pass a WindowsIdentity object to a web service method?

Hi, I have a web service method which accepts a parameter of type System.Security.Principal.WindowsIdentity.
When I make my web reference from my client project, it creates a namespace for it, and in there a "WindowsIdentity" object. Then when I call the method from the client, it unsuccessfully tries to cast from System.Security.Principal.WindowsIdentity to ServiceReferenceNamespace.WindowsIdentity.

what am I doing wrong here? why is it creating a new class? I'm kind of new to web services, so please bear with me.

Below is my service method:
[WebMethod]
        public Content GetContents(string Path, WindowsIdentity authUser)
        {
            FileAttributes attr = File.GetAttributes(Path);
            if ((attr & FileAttributes.Directory) == FileAttributes.Directory)
            {
                //folder
                FileSystemAccessRule rule = GetDirectoryPermissions(authUser, Path);
                if (rule != null && ((rule.FileSystemRights & FileSystemRights.ListDirectory) == FileSystemRights.ListDirectory && rule.AccessControlType == AccessControlType.Allow))
                {
                    return new Content() { DirectoryListing = GetDirectoryContents(Path), IsDirectory = true };
                }
            }
            else
            {
                //file
                FileSystemAccessRule rule = GetFilePermissions(authUser, Path);
                if (rule != null && ((rule.FileSystemRights & FileSystemRights.Read) == FileSystemRights.Read && rule.AccessControlType == AccessControlType.Allow))
                {
                    return new Content() { File = GetFile(Path), IsDirectory = false };
                }
            }
            return null;
        }

Open in new window

LVL 1
colonel720Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Bob LearnedCommented:
Do you have a WindowsIdentity class defined in the Web Service?  What happens if you fully qualify the type (System.Security.Principal.WindowsIdentity)?
0
colonel720Author Commented:
I do not have a windowsidentity class defined, and if i fully qualify the type it still creates its own proxy class and tries to cast to it on service call.
0
Bob LearnedCommented:
Wells, let's ask first why you need to pass in the WindowsIdentity object into a web method?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

colonel720Author Commented:
There was a problem with impersonation, I wondered if it was possible.
anyway I have a new problem.
the webservice is deployed to IIS, and i am getting System.Security.AccessControl.PrivilegeNotHeldException: The process does not possess the 'SeSecurityPrivilege' privilege which is required for this operation.
however the account which the application pool is configured to run as is a domain admin, and the individual IIS application is configured to run on anonymous authentication under that same domain admin account.
What do i need to do to get "SeSecurityPrivilege" to that account?
0
colonel720Author Commented:
This is when I try to execute the following code:
DirectorySecurity dirSecurity = Directory.GetAccessControl(folderPath, AccessControlSections.All);
            AuthorizationRuleCollection ruleList = dirSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount));
0
colonel720Author Commented:
Never mind, go that figured out - the IIS application pool identity account needed explicit (not inherited) membership of the local admins group on the machine.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
.NET Programming

From novice to tech pro — start learning today.