By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,575 Members | 3,016 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,575 IT Pros & Developers. It's quick & easy.

Starting up Windows Program from a webform with current users's authentication

P: n/a
Suppose you have one domain, filled with a couple of users. What needs to be
done now is I need to start a windows application from a webform by pressing
a button on the webform (for example).

The problem is that the user who "owns" the service is always the ASPNET
account. That's not good since you don't see the actual application (because
it's owned by ASPNET). I've tried changed the processmodel section in the
machine.config file to "SYSTEM" instead of "MACHINE" but that didn't work.
It was the same thing except the process owner was now "SYSTEM" and should
be my logged on (authenticated) user. The reason why that is needed is
because the application detects the current users login and compares that
with the membership of a certain group.

My next step was to try impersonation, but that doesn't work yet. See
snippet of code below. I don't know what i do wrong but i keeps functioning
as the ASPNET account. I also tried giving the ASPNET account the rights of
("Act as a part of the operating system") but that does nothing again. What
am i missing here. Ah, in the web.conf impersonation is set to true but
still doesn't work.

Help would be strongly appreciated.
Kristof

System.Security.Principal.WindowsImpersonationCont ext impersonationContext;

impersonationContext =
((System.Security.Principal.WindowsIdentity)User.I dentity).Impersonate();

System.Diagnostics.Process myProcess = new System.Diagnostics.Process();

myProcess.StartInfo.FileName = "test.exe";

myProcess.StartInfo.WorkingDirectory = @"D:\test";

myProcess.Start();

impersonationContext.Undo();


Nov 18 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
you need to turn anonymous off on the website. then set impersonation on in
the web config.

note: your windows app must be written to run without a window, or you will
get a permission error when it starts up, as access to the desktop will be
denied.

-- bruce (sqlwork.com)

"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl...
Suppose you have one domain, filled with a couple of users. What needs to be done now is I need to start a windows application from a webform by pressing a button on the webform (for example).

The problem is that the user who "owns" the service is always the ASPNET
account. That's not good since you don't see the actual application (because it's owned by ASPNET). I've tried changed the processmodel section in the
machine.config file to "SYSTEM" instead of "MACHINE" but that didn't work.
It was the same thing except the process owner was now "SYSTEM" and should
be my logged on (authenticated) user. The reason why that is needed is
because the application detects the current users login and compares that
with the membership of a certain group.

My next step was to try impersonation, but that doesn't work yet. See
snippet of code below. I don't know what i do wrong but i keeps functioning as the ASPNET account. I also tried giving the ASPNET account the rights of ("Act as a part of the operating system") but that does nothing again. What am i missing here. Ah, in the web.conf impersonation is set to true but
still doesn't work.

Help would be strongly appreciated.
Kristof

System.Security.Principal.WindowsImpersonationCont ext impersonationContext;
impersonationContext =
((System.Security.Principal.WindowsIdentity)User.I dentity).Impersonate();

System.Diagnostics.Process myProcess = new System.Diagnostics.Process();

myProcess.StartInfo.FileName = "test.exe";

myProcess.StartInfo.WorkingDirectory = @"D:\test";

myProcess.Start();

impersonationContext.Undo();

Nov 18 '05 #2

P: n/a
Did that (anonymous off and impersonation=true)
And it should be a windows application with window that should be started up
from the webform. The only problem is that it keeps starting up with the
wrong "user owner". Task Manager=>Processes keeps showing the "ASPNET" user
as the owner.
"bruce barker" <no***********@safeco.com> wrote in message
news:u8**************@tk2msftngp13.phx.gbl...
you need to turn anonymous off on the website. then set impersonation on in the web config.

note: your windows app must be written to run without a window, or you will get a permission error when it starts up, as access to the desktop will be
denied.

-- bruce (sqlwork.com)

"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl...
Suppose you have one domain, filled with a couple of users. What needs to
be
done now is I need to start a windows application from a webform by

pressing
a button on the webform (for example).

The problem is that the user who "owns" the service is always the ASPNET
account. That's not good since you don't see the actual application

(because
it's owned by ASPNET). I've tried changed the processmodel section in

the machine.config file to "SYSTEM" instead of "MACHINE" but that didn't work. It was the same thing except the process owner was now "SYSTEM" and should be my logged on (authenticated) user. The reason why that is needed is
because the application detects the current users login and compares that with the membership of a certain group.

My next step was to try impersonation, but that doesn't work yet. See
snippet of code below. I don't know what i do wrong but i keeps

functioning
as the ASPNET account. I also tried giving the ASPNET account the rights

of
("Act as a part of the operating system") but that does nothing again.

What
am i missing here. Ah, in the web.conf impersonation is set to true but
still doesn't work.

Help would be strongly appreciated.
Kristof

System.Security.Principal.WindowsImpersonationCont ext

impersonationContext;

impersonationContext =
((System.Security.Principal.WindowsIdentity)User.I dentity).Impersonate();
System.Diagnostics.Process myProcess = new System.Diagnostics.Process();

myProcess.StartInfo.FileName = "test.exe";

myProcess.StartInfo.WorkingDirectory = @"D:\test";

myProcess.Start();

impersonationContext.Undo();


Nov 18 '05 #3

P: n/a
> The problem is that the user who "owns" the service is always the ASPNET
what service are you talking about?
machine.config file to "SYSTEM" instead of "MACHINE" but that didn't you are bumping the rights of everything on the server up a notch. This is
certainly not recommended.

you will first need to find out the identity that the web page is under. It
may not be what you think. Use this line of code to find out what identity
the process is running under. Once you find the correct identity, you can
either use impersonation to set the application to run under the proper
account or you can impersonate thru code. You will need to add the
appropriate rights on the directory housing the windows application. You
should configure it for read permissions by adding the identity to be
impersonated to the ACL.

Response.Write("<script>alert('"+System.Security.P rincipal.WindowsIdentity.GetCurrent().Name.ToStrin g()+"')</script>");
--
Regards,
Alvin Bruney
[ASP.NET MVP http://mvp.support.microsoft.com/default.aspx]
Got tidbits? Get it here... http://tinyurl.com/27cok
"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl... Did that (anonymous off and impersonation=true)
And it should be a windows application with window that should be started
up
from the webform. The only problem is that it keeps starting up with the
wrong "user owner". Task Manager=>Processes keeps showing the "ASPNET"
user
as the owner.
"bruce barker" <no***********@safeco.com> wrote in message
news:u8**************@tk2msftngp13.phx.gbl...
you need to turn anonymous off on the website. then set impersonation on

in
the web config.

note: your windows app must be written to run without a window, or you

will
get a permission error when it starts up, as access to the desktop will
be
denied.

-- bruce (sqlwork.com)

"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl...
> Suppose you have one domain, filled with a couple of users. What needs to
be
> done now is I need to start a windows application from a webform by

pressing
> a button on the webform (for example).
>
> The problem is that the user who "owns" the service is always the
> ASPNET
> account. That's not good since you don't see the actual application

(because
> it's owned by ASPNET). I've tried changed the processmodel section in

the > machine.config file to "SYSTEM" instead of "MACHINE" but that didn't work. > It was the same thing except the process owner was now "SYSTEM" and should > be my logged on (authenticated) user. The reason why that is needed is
> because the application detects the current users login and compares that > with the membership of a certain group.
>
> My next step was to try impersonation, but that doesn't work yet. See
> snippet of code below. I don't know what i do wrong but i keeps

functioning
> as the ASPNET account. I also tried giving the ASPNET account the
> rights

of
> ("Act as a part of the operating system") but that does nothing again.

What
> am i missing here. Ah, in the web.conf impersonation is set to true
> but
> still doesn't work.
>
> Help would be strongly appreciated.
> Kristof
>
> System.Security.Principal.WindowsImpersonationCont ext

impersonationContext;
>
> impersonationContext =
> ((System.Security.Principal.WindowsIdentity)User.I dentity).Impersonate(); >
> System.Diagnostics.Process myProcess = new
> System.Diagnostics.Process();
>
> myProcess.StartInfo.FileName = "test.exe";
>
> myProcess.StartInfo.WorkingDirectory = @"D:\test";
>
> myProcess.Start();
>
> impersonationContext.Undo();
>
>
>
>



Nov 18 '05 #4

P: n/a
I meant thread instead of service. Ok time to go a bit more specific

When you customize MS CRM, you can add a button in for example the accounts
or contacts pages. But you can only assign url's to that button.
On the other hand i have a windows applications that uses windows
authentication to detect te permission etc.. of the logged on user (which
also deals with accounts/contacts/...)
The meaning is that when someone clicks the button in MS CRM, a url will be
openened (for example "http://testserver/test.aspx?accountID=334" or sth
like that). Then the webform should detect if the windows application is
open. If it is, just navigate to the proper record of the windows appl., if
the application is not active at the moment, it should start the application
(with authenticated user impersonation), and navigate to the right record.
But even when I include impersonation when I instantiate a
System.Diagnostics.Process (with impersonationContext) it start the windows
application with the "ASPNET" account. Since it's the wrong account, the
application won't show up since it needs to be started up with the current
user.
Thanx for the help btw :p
The last things you said i need to check out, I've detected that part
"System.Security.Principal.WindowsIdentity.GetCurr ent().Name.ToString()" by
inputting it in a textbox on the page on Page_Load. I shows the right user
"DOMAIN/USERNAME" (So that should be OK too)
About that :
Once you find the correct identity, you can
either use impersonation to set the application to run under the proper
account or you can impersonate thru code. You will need to add the
appropriate rights on the directory housing the windows application. You
should configure it for read permissions by adding the identity to be
impersonated to the ACL. Should take a look, probably that or not :p I'll get back to you once i've
tried

Kristof

PS :> > machine.config file to "SYSTEM" instead of "MACHINE" but that didn't you are bumping the rights of everything on the server up a notch. This is
certainly not recommended. I've turned that back to machine since i didn't help anyway :p
"Alvin Bruney [MVP]" <vapor at steaming post office> wrote in message
news:u%****************@tk2msftngp13.phx.gbl...
The problem is that the user who "owns" the service is always the ASPNET

what service are you talking about?
machine.config file to "SYSTEM" instead of "MACHINE" but that didn't

you are bumping the rights of everything on the server up a notch. This is
certainly not recommended.

you will first need to find out the identity that the web page is under.

It may not be what you think. Use this line of code to find out what identity
the process is running under. Once you find the correct identity, you can
either use impersonation to set the application to run under the proper
account or you can impersonate thru code. You will need to add the
appropriate rights on the directory housing the windows application. You
should configure it for read permissions by adding the identity to be
impersonated to the ACL.

Response.Write("<script>alert('"+System.Security.P rincipal.WindowsIdentity.G
etCurrent().Name.ToString()+"')</script>");

--
Regards,
Alvin Bruney
[ASP.NET MVP http://mvp.support.microsoft.com/default.aspx]
Got tidbits? Get it here... http://tinyurl.com/27cok
"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl...
Did that (anonymous off and impersonation=true)
And it should be a windows application with window that should be started
up
from the webform. The only problem is that it keeps starting up with the
wrong "user owner". Task Manager=>Processes keeps showing the "ASPNET"
user
as the owner.
"bruce barker" <no***********@safeco.com> wrote in message
news:u8**************@tk2msftngp13.phx.gbl...
you need to turn anonymous off on the website. then set impersonation on
in
the web config.

note: your windows app must be written to run without a window, or you

will
get a permission error when it starts up, as access to the desktop will
be
denied.

-- bruce (sqlwork.com)

"Kristof Despiere" <kr***************@despiere.be> wrote in message
news:c9**********@reader13.wxs.nl...
> Suppose you have one domain, filled with a couple of users. What
needs to
be
> done now is I need to start a windows application from a webform by
pressing
> a button on the webform (for example).
>
> The problem is that the user who "owns" the service is always the
> ASPNET
> account. That's not good since you don't see the actual application
(because
> it's owned by ASPNET). I've tried changed the processmodel section in

the
> machine.config file to "SYSTEM" instead of "MACHINE" but that didn't

work.
> It was the same thing except the process owner was now "SYSTEM" and

should
> be my logged on (authenticated) user. The reason why that is needed

is > because the application detects the current users login and compares

that
> with the membership of a certain group.
>
> My next step was to try impersonation, but that doesn't work yet. See
> snippet of code below. I don't know what i do wrong but i keeps
functioning
> as the ASPNET account. I also tried giving the ASPNET account the
> rights
of
> ("Act as a part of the operating system") but that does nothing again. What
> am i missing here. Ah, in the web.conf impersonation is set to true
> but
> still doesn't work.
>
> Help would be strongly appreciated.
> Kristof
>
> System.Security.Principal.WindowsImpersonationCont ext
impersonationContext;
>
> impersonationContext =
>

((System.Security.Principal.WindowsIdentity)User.I dentity).Impersonate();
>
> System.Diagnostics.Process myProcess = new
> System.Diagnostics.Process();
>
> myProcess.StartInfo.FileName = "test.exe";
>
> myProcess.StartInfo.WorkingDirectory = @"D:\test";
>
> myProcess.Start();
>
> impersonationContext.Undo();
>
>
>
>



Nov 18 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.