Solved

How to Run a Silverlight enabled WCF Service Method as a Specific Domain User/Account

Posted on 2011-09-12
7
580 Views
Last Modified: 2012-05-12
I am using Silverlight 4 and a Silverlight Enabled WCF Service. I have a Print button which makes an Async call to my service method. The goal here is to get my service to automatically print a report  to a specific printer and drawer.

I have found the following...

1.)  
I've read that impersonating all operations may increase attacks and negatively impact the security of your application. I simply want this one service method to impersonate. I found by adding this single line above my service method I'm now getting the list of printers on my machine and the report did print automatically to my default printer. THE PROBLEM IS I can't guarenteed the desired printer is the user's default and I don't want to hard code a printer name.

[OperationBehavior(Impersonation = ImpersonationOption.Required)]

2.)
"The user running the web service (usually the system or ASPNET account) must have a printer installed and must have permissions to print to that printer. Typically it's easiest to create a Domain account to run the web service. Then you can log in as that account, create a printer and test printing."

3.)
Another person suggested... "You should get the identity of the current user at a point in the service when you are scanning printers.  My guess is you are running as an anonymous user or someone other than your personal domain account.   If this is the case you need to run the service as a specific domain user with access to these printers."

We are running our service authentication at:
Anonymous - Disabled
ASP.NET Impersonation - Disabled
Form Authentication - Disabled
Windows Authentication - Enabled

The following exists in the web.config:
<authentication mode="Windows" />
<identity impersonate="false"/>

Anyone have any ideas as to how I can accomplish this WITHOUT automatically taking the current user's default printer or hard coding a printer name? How do I run a specific service method under a specific domain account/user?
0
Comment
Question by:farminsure
  • 4
  • 3
7 Comments
 
LVL 25

Expert Comment

by:apeter
ID: 36532159
Only the printing part of the code you can impersonate, rest all other operaton you can run as windows account. No need to impersonate the whole service method. I guess this is the manageble option.

0
 

Author Comment

by:farminsure
ID: 36532331
So far I'm going down the route of creating a generic domain account which has the appropriate printer installed and set as default, with the appropriate permissions. My service method impersonates this generic domain user. Since the desired printer is set as default I don't have to directly specify a printer name. It automatically uses the default printer settings. Then all I have to set in code is the desired paper source and size. The printer would need these options set and loaded.

See attached service method code and wrapper class used.
 ServiceMethod-AutoPrint.txt ImpersonateMethods.cs
0
 
LVL 25

Expert Comment

by:apeter
ID: 36532407
Do below in the finally method. Looks like you are all set.

// Stop Impersonation    
                    impersonation.Revert();
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:farminsure
ID: 36532457
Do you mean ....

try {}
catch {}
finally
{
     // Stop Impersonation    
     impersonation.Revert();
}

My impersonation object doesn't exist??
0
 
LVL 25

Expert Comment

by:apeter
ID: 36534228
declare the impersonation object outside try and instantiate inside "try". Hope this helps.
0
 

Accepted Solution

by:
farminsure earned 0 total points
ID: 36550987
Just wanted to note what I finally ended up doing. A new DNS name and queue was created specifically for our Print Services. I was given permissions to this queue and installed the printer.I added a machine.config AppSetting key with a value consisting of the server name. So then when setting the printer name in my service method I use the machine.config key and hard code the queue name. Our Technical Services assures me the queue name will always remain constant but the server has a chance of changing hence why it's placed in the machine.config.
0
 

Author Closing Comment

by:farminsure
ID: 36572275
Solved my own issue.
0

Featured Post

ScreenConnect 6.0 Free Trial

Explore all the enhancements in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Connection String 16 61
Wav problem 4 27
Reset asp.net login password 4 42
ASP.NET(C#) Eliminating weekends from a date range 2 36
Introduction This article series is supposed to shed some light on the use of IDisposable and objects that inherit from it. In essence, a more apt title for this article would be: using (IDisposable) {}. I’m just not sure how many people would ge…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question