We help IT Professionals succeed at work.

Webapp showing files on fileshare with impersonation

Hi,

I have a webapp that shows files from a fileshare. The authenticated windows user has permissions to read from the share, but the ASP.NET process hasn't. So I have this code with impersonation which works on my development environment. But in production environment it doesn't. Looking in the security event viewer on the fileserver I can see that it is the ANONYMOUS LOGON account which logs on to the fileserver.

Can you spot where I go wrong or perhaps suggest an alternative solution. Mind you, I can't change permissions on the share.

Thanks,

peter


WindowsIdentity winId = (WindowsIdentity)HttpContext.Current.User.Identity;
WindowsImpersonationContext ctx = null;
try {
// Start impersonating.
	ctx = winId.Impersonate();
	
// Now impersonating.
// Access resources using the identity of the authenticated user.
	FileStream fs = new FileStream(uri, FileMode.Open, FileAccess.Read, FileShare.Read);
	Response.ContentType = "application/pdf";

	byte[] buf = new byte[1024];
	int i;
	while ((i = fs .Read(buf, 0, buf.Length)) > 0) Response.OutputStream.Write(buf, 0, i);
	
	Response.Flush();
	Response.Close();
} catch (Exception ex) {
// Prevent exceptions from propagating.
} finally {
// Revert impersonation.
	if (ctx != null) ctx.Undo();
}
// Back to running under the default ASP.NET process identity.

Open in new window

Comment
Watch Question

Top Expert 2010
Commented:
Will this shed some light to your problem

http://forums.iis.net/t/1114220.aspx

Author

Commented:
That seems promising. I'm not able to check this until monday, will get back then with results.

Thanks.

Author

Commented:
Thanks, the link put me on the right track. Delegation was already set, but there was some user/kerberos settings which I had to change.