How to Run a Silverlight enabled WCF Service Method as a Specific Domain User/Account

I am using Silverlight 4 and a Silverlight Enabled WCF Service. I have a Print button which makes an Async call to my service method. The goal here is to get my service to automatically print a report  to a specific printer and drawer.

I have found the following...

1.)  
I've read that impersonating all operations may increase attacks and negatively impact the security of your application. I simply want this one service method to impersonate. I found by adding this single line above my service method I'm now getting the list of printers on my machine and the report did print automatically to my default printer. THE PROBLEM IS I can't guarenteed the desired printer is the user's default and I don't want to hard code a printer name.

[OperationBehavior(Impersonation = ImpersonationOption.Required)]

2.)
"The user running the web service (usually the system or ASPNET account) must have a printer installed and must have permissions to print to that printer. Typically it's easiest to create a Domain account to run the web service. Then you can log in as that account, create a printer and test printing."

3.)
Another person suggested... "You should get the identity of the current user at a point in the service when you are scanning printers.  My guess is you are running as an anonymous user or someone other than your personal domain account.   If this is the case you need to run the service as a specific domain user with access to these printers."

We are running our service authentication at:
Anonymous - Disabled
ASP.NET Impersonation - Disabled
Form Authentication - Disabled
Windows Authentication - Enabled

The following exists in the web.config:
<authentication mode="Windows" />
<identity impersonate="false"/>

Anyone have any ideas as to how I can accomplish this WITHOUT automatically taking the current user's default printer or hard coding a printer name? How do I run a specific service method under a specific domain account/user?
farminsureAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
farminsureConnect With a Mentor Author Commented:
Just wanted to note what I finally ended up doing. A new DNS name and queue was created specifically for our Print Services. I was given permissions to this queue and installed the printer.I added a machine.config AppSetting key with a value consisting of the server name. So then when setting the printer name in my service method I use the machine.config key and hard code the queue name. Our Technical Services assures me the queue name will always remain constant but the server has a chance of changing hence why it's placed in the machine.config.
0
 
apeterCommented:
Only the printing part of the code you can impersonate, rest all other operaton you can run as windows account. No need to impersonate the whole service method. I guess this is the manageble option.

0
 
farminsureAuthor Commented:
So far I'm going down the route of creating a generic domain account which has the appropriate printer installed and set as default, with the appropriate permissions. My service method impersonates this generic domain user. Since the desired printer is set as default I don't have to directly specify a printer name. It automatically uses the default printer settings. Then all I have to set in code is the desired paper source and size. The printer would need these options set and loaded.

See attached service method code and wrapper class used.
 ServiceMethod-AutoPrint.txt ImpersonateMethods.cs
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
apeterCommented:
Do below in the finally method. Looks like you are all set.

// Stop Impersonation    
                    impersonation.Revert();
0
 
farminsureAuthor Commented:
Do you mean ....

try {}
catch {}
finally
{
     // Stop Impersonation    
     impersonation.Revert();
}

My impersonation object doesn't exist??
0
 
apeterCommented:
declare the impersonation object outside try and instantiate inside "try". Hope this helps.
0
 
farminsureAuthor Commented:
Solved my own issue.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.