By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
445,885 Members | 1,469 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 445,885 IT Pros & Developers. It's quick & easy.

security issue, access denied, impersonate

P: n/a
Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale

Nov 27 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Hi Rockdale,

You can use the WindowsIdentity.Impersonate method. The docs have an
example of code you can use:

http://msdn2.microsoft.com/en-us/library/w070t6ka.aspx

Joe
--
http://www.csharp-station.com
"rockdale" wrote:
Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale

Nov 28 '06 #2

P: n/a
Thanks, will try it later.

What's the logonToken should I pass into the function

private static void ImpersonateIdentity(IntPtr logonToken)
?


Joe Mayo (C# MVP) wrote:
Hi Rockdale,

You can use the WindowsIdentity.Impersonate method. The docs have an
example of code you can use:

http://msdn2.microsoft.com/en-us/library/w070t6ka.aspx

Joe
--
http://www.csharp-station.com
"rockdale" wrote:
Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale
Nov 28 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.