asked on

Webapp showing files on fileshare with impersonation

Hi,

I have a webapp that shows files from a fileshare. The authenticated windows user has permissions to read from the share, but the ASP.NET process hasn't. So I have this code with impersonation which works on my development environment. But in production environment it doesn't. Looking in the security event viewer on the fileserver I can see that it is the ANONYMOUS LOGON account which logs on to the fileserver.

Can you spot where I go wrong or perhaps suggest an alternative solution. Mind you, I can't change permissions on the share.

Thanks,

peter

WindowsIdentity winId = (WindowsIdentity)HttpContext.Current.User.Identity;
WindowsImpersonationContext ctx = null;
try {
// Start impersonating.
	ctx = winId.Impersonate();
	
// Now impersonating.
// Access resources using the identity of the authenticated user.
	FileStream fs = new FileStream(uri, FileMode.Open, FileAccess.Read, FileShare.Read);
	Response.ContentType = "application/pdf";

	byte[] buf = new byte[1024];
	int i;
	while ((i = fs .Read(buf, 0, buf.Length)) > 0) Response.OutputStream.Write(buf, 0, i);
	
	Response.Flush();
	Response.Close();
} catch (Exception ex) {
// Prevent exceptions from propagating.
} finally {
// Revert impersonation.
	if (ctx != null) ctx.Undo();
}
// Back to running under the default ASP.NET process identity.

Open in new window

ASKER CERTIFIED SOLUTION

masterpass

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

pivar

ASKER

That seems promising. I'm not able to check this until monday, will get back then with results.

Thanks.

pivar

ASKER

Thanks, the link put me on the right track. Delegation was already set, but there was some user/kerberos settings which I had to change.