473,385 Members | 1,893 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > security issue, access denied, impersonate

Join Bytes to post your question to a community of 473,385 software developers and data experts.

security issue, access denied, impersonate

Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale

Nov 27 '06 #1
2 5241
Hi Rockdale,

You can use the WindowsIdentity.Impersonate method. The docs have an
example of code you can use:

http://msdn2.microsoft.com/en-us/library/w070t6ka.aspx

Joe
--
http://www.csharp-station.com
"rockdale" wrote:
Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale

Nov 28 '06 #2
Thanks, will try it later.

What's the logonToken should I pass into the function

private static void ImpersonateIdentity(IntPtr logonToken)
?


Joe Mayo (C# MVP) wrote:
Hi Rockdale,

You can use the WindowsIdentity.Impersonate method. The docs have an
example of code you can use:

http://msdn2.microsoft.com/en-us/library/w070t6ka.aspx

Joe
--
http://www.csharp-station.com
"rockdale" wrote:
Hi, all:

My asp.net application calles MS speech 5.1 and generate a wav file on
server's path. Everything runs perfectly on my development machine. But
when I move the appl to production server, I always get ERROR: Access
is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
First I thought its the permission problem, so I set permission of that
directory to everyone (not an secure idea, but for test only). I found
out that I can write a text file to that path or create a wav file with
size 0k. whenever the speech try to speak to the filestream, the error
occured. see the following code.

SpeechVoiceSpeakFlags SpFlags =
SpeechVoiceSpeakFlags.SVSFlagsAsync;
SpVoice Voice = new SpVoice();

SpeechStreamFileMode SpFileMode =
SpeechStreamFileMode.SSFMCreateForWrite;

SpFileStream spFileStream = new SpFileStream();
spFileStream.Open(strFile, SpFileMode, false); //HERE IS
FINE
Voice.AudioOutputStream = spFileStream;
Voice.Speak(pText, SpFlags); //CATCH ERROR HERE
Voice.WaitUntilDone(-1);

spFileStream.Close();

I put the same code into a windows appl and run it on my production
server, it works fine, so I think it must be the asp.net does not have
the authority to call the speach com object. (am I right here?)

I read some post talking about impersonate or ASPNET user account, but
still quite confusing.

1. Where can I set which account my asp.net runs on?
on my own machine, it runs on MACHINENAME\ASPNET, but on my production
server it runs on NT AUTHORITY\NETWORK SERVICE. by using
System.Security.Principal.WindowsIdentity.GetCurre nt().Name;
Also, I cannot add ASPNET permission of my path, it always give me
that aspnet is not a valid user (that why I added everyone.)
2. I tried using impersonate and it works. But it is not a good idea as
I expose the user name and pwd in my config file. Also, I have to
create a same user on my laptop and the production server. IS that
impersonate means?

<authentication mode="Windows" />
<identity impersonate="true" userName="administrator"
password="mypwd"/>

Can I do this impersonate in my code (aka, when I need to create the
wav file and write to the path) and how ?
Sorry for the long post and lots questions, this kind stuff always
confused me.

Thanks in advance
-rockdale
Nov 28 '06 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
Applet Security Issue & .hotjava/properties file
by: Paul | last post by:
Hello, I've been reading up on security in Java Applets and whilst I understand the concept, I can't successfully get my applet to read a file on my local machine. I discovered from...
Java
0
* HELP * MySQL Connection Issue - Access Denied!!
by: Ryan Schefke | last post by:
------=_NextPart_000_0077_01C34C8B.2B90C960 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit ..I just sent this out to the win32 distribution list but no one has...
MySQL Database
3
Access Denied trying to create New Instantance of Object
by: Ian | last post by:
The beginning of my assembly that I am getting the access error from looks like this. ********************************* Imports System.EnterpriseServices Imports System Imports...
.NET Framework
3
Virtual Server 2003 Issue! Access Denied- Admin web screen !!
by: James Woo via SQLMonster.com | last post by:
Hi All I am getting an access denied message when I launch the Virtual Server administration screen, however I can connect through the Virtual Machine remote connectivity without any problems....
Microsoft SQL Server
3
Access Denied for WMI/ADSI over ASP.Net
by: Roy Osherove | last post by:
Hi folks. I have an ASP.Net application that runs a .Net dll that uses WMI and ADSI(both managed) to connect to a given IIS root and search through it. When not using the ASP.Net client, but...
ASP.NET
12
Access Denied to Temporary files
by: Chad Crowder | last post by:
Hi all, I hope someone can give me a hand, because I'm out of ideas. I keep getting this message: Access to the path "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET...
ASP.NET
0
ASP.NET, ADODB and "Access Denied"
by: ASP.Confused | last post by:
The old message looked a little stale, so I am re-posting it here. Anybody have any ideas of what I could do?!? The previous responses to this question are below. If you want to look at the...
ASP.NET
2
File.Copy : Access Denied
by: Shailesh Gajare | last post by:
Hi All, I have creating an ASP.Net application with two web servers. I am uploading a file which is being uploaded on one of the server, I want to copy the uploaded file on the other server at the...
ASP.NET
1
java.security.AccessControlException : access denied (java.net.SocketPermission
by: Smoothj | last post by:
Hello all, when connecting to an IRC server with my java applet some of my members get this error code. java.security.AccessControlException : access denied (java.net.SocketPermission...
Java
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!