Solved

How to Run a Silverlight enabled WCF Service Method as a Specific Domain User/Account

Posted on 2011-09-12
7
577 Views
Last Modified: 2012-05-12
I am using Silverlight 4 and a Silverlight Enabled WCF Service. I have a Print button which makes an Async call to my service method. The goal here is to get my service to automatically print a report  to a specific printer and drawer.

I have found the following...

1.)  
I've read that impersonating all operations may increase attacks and negatively impact the security of your application. I simply want this one service method to impersonate. I found by adding this single line above my service method I'm now getting the list of printers on my machine and the report did print automatically to my default printer. THE PROBLEM IS I can't guarenteed the desired printer is the user's default and I don't want to hard code a printer name.

[OperationBehavior(Impersonation = ImpersonationOption.Required)]

2.)
"The user running the web service (usually the system or ASPNET account) must have a printer installed and must have permissions to print to that printer. Typically it's easiest to create a Domain account to run the web service. Then you can log in as that account, create a printer and test printing."

3.)
Another person suggested... "You should get the identity of the current user at a point in the service when you are scanning printers.  My guess is you are running as an anonymous user or someone other than your personal domain account.   If this is the case you need to run the service as a specific domain user with access to these printers."

We are running our service authentication at:
Anonymous - Disabled
ASP.NET Impersonation - Disabled
Form Authentication - Disabled
Windows Authentication - Enabled

The following exists in the web.config:
<authentication mode="Windows" />
<identity impersonate="false"/>

Anyone have any ideas as to how I can accomplish this WITHOUT automatically taking the current user's default printer or hard coding a printer name? How do I run a specific service method under a specific domain account/user?
0
Comment
Question by:farminsure
  • 4
  • 3
7 Comments
 
LVL 25

Expert Comment

by:apeter
ID: 36532159
Only the printing part of the code you can impersonate, rest all other operaton you can run as windows account. No need to impersonate the whole service method. I guess this is the manageble option.

0
 

Author Comment

by:farminsure
ID: 36532331
So far I'm going down the route of creating a generic domain account which has the appropriate printer installed and set as default, with the appropriate permissions. My service method impersonates this generic domain user. Since the desired printer is set as default I don't have to directly specify a printer name. It automatically uses the default printer settings. Then all I have to set in code is the desired paper source and size. The printer would need these options set and loaded.

See attached service method code and wrapper class used.
 ServiceMethod-AutoPrint.txt ImpersonateMethods.cs
0
 
LVL 25

Expert Comment

by:apeter
ID: 36532407
Do below in the finally method. Looks like you are all set.

// Stop Impersonation    
                    impersonation.Revert();
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:farminsure
ID: 36532457
Do you mean ....

try {}
catch {}
finally
{
     // Stop Impersonation    
     impersonation.Revert();
}

My impersonation object doesn't exist??
0
 
LVL 25

Expert Comment

by:apeter
ID: 36534228
declare the impersonation object outside try and instantiate inside "try". Hope this helps.
0
 

Accepted Solution

by:
farminsure earned 0 total points
ID: 36550987
Just wanted to note what I finally ended up doing. A new DNS name and queue was created specifically for our Print Services. I was given permissions to this queue and installed the printer.I added a machine.config AppSetting key with a value consisting of the server name. So then when setting the printer name in my service method I use the machine.config key and hard code the queue name. Our Technical Services assures me the queue name will always remain constant but the server has a chance of changing hence why it's placed in the machine.config.
0
 

Author Closing Comment

by:farminsure
ID: 36572275
Solved my own issue.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This article describes a simple method to resize a control at runtime.  It includes ready-to-use source code and a complete sample demonstration application.  We'll also talk about C# Extension Methods. Introduction In one of my applications…
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now