473,326 Members | 2,196 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

User Impresonation in Global.asax OnStart

It looks as if user imporsonation doesn't work in the Global.asax OnStart event. What this means is that if I have application configured to use "AlexUser" as the user for all ASP.NET stuff, that works for everything within my application EXCEPT that code executed in the OnStart in global.asax goes out as the "ASPNET" user

This is a real problem because it means that I have to giver database permissions to the ASPNET user if I want to make any DB calls from instide global.asax. I REALLY don't want to do that

Any ideas?
Nov 18 '05 #1
3 2956
Hi,

From your description you have some db manipulation which need to be
finished in your web application's
Application_Start event. However you found in the Application_Start event,
the impersonate not work which make the connecting to dbserver failed, yes?

As for this problem, I think it is because in Application_Start event, the
whole Application is initializing and the Some ASP.NET buildin object such
as Request, Response ... haven't be constructed or initialized yet. And the
ASP.NET's impersonate mechanism depend on the User's credential passed from
IIS which is stored in the HttpContext.Current.User.Identity
However, this info seems invaliable in Application_Start Event. That's why
the such operations depend on impersonation will failed in
Application_Start.

As for your situation, you need to do db manipulation in Application_Start,
I think you may consider the following means:
1. Use SQLServer login rather than integrated windows to connect to
SQLServer db. That means use speicfy the connect username/password in
connection string. If you don't want to contain the username/password as
clear text in connectionstring directly which will be embeded in assembly,
you can store then in registry instead. Here is a KB which discussing on
this:
#HOW TO: Use the ASP.NET Utility to Encrypt Credentials and Session State
Connection Strings
http://support.microsoft.com/?id=329290

2. Manually impersonate via code in Application_Start or build a Utility
class to perform such operations.
Below is a kb article and a former thread which dicussing on this means:
#INFO: Implementing Impersonation in an ASP.NET Application
http://support.microsoft.com/?id=306158

#Subject: Re: How do I set the new thread principal?
http://groups.google.com/groups?hl=e...readm=e41KuAAG
EHA.2976%40TK2MSFTNGP10.phx.gbl&rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3
DUTF-8%26oe%3DUTF-8%26q%3D%2522How%2Bdo%2BI%2Bset%2Bthe%2Bnew%2Bthre ad%2Bpri
ncipal%253F%2522

Hope helps. Thanks.
Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

Nov 18 '05 #2
Hi,

From your description you have some db manipulation which need to be
finished in your web application's
Application_Start event. However you found in the Application_Start event,
the impersonate not work which make the connecting to dbserver failed, yes?

As for this problem, I think it is because in Application_Start event, the
whole Application is initializing and the Some ASP.NET buildin object such
as Request, Response ... haven't be constructed or initialized yet. And the
ASP.NET's impersonate mechanism depend on the User's credential passed from
IIS which is stored in the HttpContext.Current.User.Identity
However, this info seems invaliable in Application_Start Event. That's why
the such operations depend on impersonation will failed in
Application_Start.

As for your situation, you need to do db manipulation in Application_Start,
I think you may consider the following means:
1. Use SQLServer login rather than integrated windows to connect to
SQLServer db. That means use speicfy the connect username/password in
connection string. If you don't want to contain the username/password as
clear text in connectionstring directly which will be embeded in assembly,
you can store then in registry instead. Here is a KB which discussing on
this:
#HOW TO: Use the ASP.NET Utility to Encrypt Credentials and Session State
Connection Strings
http://support.microsoft.com/?id=329290

2. Manually impersonate via code in Application_Start or build a Utility
class to perform such operations.
Below is a kb article and a former thread which dicussing on this means:
#INFO: Implementing Impersonation in an ASP.NET Application
http://support.microsoft.com/?id=306158

#Subject: Re: How do I set the new thread principal?
http://groups.google.com/groups?hl=e...readm=e41KuAAG
EHA.2976%40TK2MSFTNGP10.phx.gbl&rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3
DUTF-8%26oe%3DUTF-8%26q%3D%2522How%2Bdo%2BI%2Bset%2Bthe%2Bnew%2Bthre ad%2Bpri
ncipal%253F%2522

Hope helps. Thanks.
Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx

Nov 18 '05 #3
Hi,

Have you had a chance to check out the suggestions in my last reply or have
you got any further ideas on this issue? If you have anything unclear or if
there're anything else we can help, please feel free to post here. Thanks.

Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
Nov 18 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Alex Maghen | last post by:
It looks as if user imporsonation doesn't work in the Global.asax OnStart event. What this means is that if I have application configured to use "AlexUser" as the user for all ASP.NET stuff, that...
22
by: fd123456 | last post by:
Hi Tom ! Sorry about the messy quoting, Google is playing tricks on me at the moment. > Global.asax is where you normally have the Global Application > and Session variables and code to...
3
by: John Dalberg | last post by:
I am setting the HttpContext.Current.User in the Application_AuthenticateRequest event in global.asax.cs. When I use the IsInRole function in a web page, it works fine. So far so good. (Note that...
5
by: ad | last post by:
The Global.asax is code-inside with default. How to change Global.asax to code-behind?
8
by: GS | last post by:
What would be the sample code to stop processing any further requests in Application_onStart within global.asax has failed? Response.End does not work since there is no response object at the point...
1
by: R.A.M. | last post by:
Please help. I try to implement counting of apllication users using global.asax this way: <script runat="server"> void Application_OnStart(object sender, EventArgs e) {...
11
by: Ron | last post by:
I have a web project compiled with the new "Web Deployment Projects" plugin for VS2005. I'm deploying the web project to one assembly and with updateable option set to ON. When I'm running the...
3
by: Doug | last post by:
Using Visual Studio 2005, SQL Server 2000, and ASP.NET/VB.NET for a Web Application. We have a System DSN using Windows NT authentication defined on the development box to connect to the SQL...
8
by: Rob T | last post by:
When I was using VS2003, I was able to compile my asp.net project locally on my machine and copy it to the production server and it would run just fine. I've now converted to VS2005. The project...
15
by: =?Utf-8?B?UGF0Qg==?= | last post by:
Just starting to move to ASP.NET 2.0 and having trouble with the Global.asax code file. In 1.1 I could have a code behind file for the global.asax file. This allow for shared variables of the...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.