Core 2.0 MVC impersonation does not work when deployed to IIS

  • Question

  • Hi all!

    I built an MVC Core 2.0 web application. I need to store a file in a shared folder, and only the current Windows user has rights to save. So I need to impersonate the default appPool user to the current domain user in Internet Explorer.

    I tried this:

        // Windows identity of the authenticated caller for this request
        var user = (System.Security.Principal.WindowsIdentity)HttpContext.User.Identity;
        log.Append($"WindowsIdentity.GetCurrent(): " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
        // Run the file processing under the caller's access token
        System.Security.Principal.WindowsIdentity.RunImpersonated(user.AccessToken, () =>
        {
            log.Append($"Impersonated as: " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
            new DiaDoc.Bll.Process(fileData, log);
        });

    Locally everything works OK, but when I publish the application to IIS 7 and run my app I get an error: the user can't access the folder. On the other hand, it seems that impersonation works, because System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() changes to the current user name after impersonation. I think impersonation doesn't really work at the IIS level.

    Help me please! )) I just don't know what to do.

    • Moved by CoolDadTx Friday, July 12, 2019 1:44 PM ASP.NET related
    Thursday, July 11, 2019 12:55 PM

All replies

  • Hi Alejandro,

    Based on your description, you could get the right impersonated user. This is my test, with the code below:

        var user = (System.Security.Principal.WindowsIdentity)HttpContext.User.Identity;
        //log.Append($"WindowsIdentity.GetCurrent(): " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
        System.Security.Principal.WindowsIdentity.RunImpersonated(user.AccessToken, () =>
        {
            var user1 = WindowsIdentity.GetCurrent().Name;
            //log.Append($"Impersonated as: " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
            var logPath = @"\\sharedPath\test.txt";
            using (var writer = System.IO.File.CreateText(logPath))
            {
                writer.Write($"{WindowsIdentity.GetCurrent().Name} log message"); //or .Write(), if you wish
            }
        });
    
    It works correctly. I suggest you run a test with the above code to check whether the problem is related to `new DiaDoc.Bll.Process(fileData, log);`.

    Best Regards,

    Edward



    Friday, July 12, 2019 9:13 AM
  • Thanks Edward.

    Strange situation: from the local server it works OK, but from a remote PC with the same browser it didn't work. How is that possible?

    I tried this code:

        var user = (System.Security.Principal.WindowsIdentity)HttpContext.User.Identity;
        log.Append($"WindowsIdentity.GetCurrent(): " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
        System.Security.Principal.WindowsIdentity.RunImpersonated(user.AccessToken, () =>
        {
            log.Append($"Impersonated as: " + System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString() + "\r\n");
            //new DiaDoc.Bll.Process(fileData, log);
            try
            {
                // Write a small test file to the share while impersonating the caller
                String path = "\\\\CommonFileServer\\Files\\TestFolder\\test.txt";
                using (System.IO.FileStream fs = new System.IO.FileStream(path, System.IO.FileMode.CreateNew))
                {
                    fs.Write(new byte[] { 0, 1, 2, 3 }, 0, 4);
                    log.Append("OK\r\n");
                }
            }
            catch (Exception ex)
            {
                log.Append($"<span style='color: red;'>Error</span> while saving file; {ex.Message}\r\n");
            }
        });

    Friday, July 12, 2019 11:01 AM
  • Please post questions related to MVC in the ASP.NET forums.

    Michael Taylor http://www.michaeltaylorp3.net

    Friday, July 12, 2019 1:44 PM