Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jun 16, 2008 09:32 PM by johram
Jun 13, 2008 12:51 AM|LINK
i need a help here.
my Situation is as follow:
1. i have developed a webpart for retrieving Active Directory of a user and another webpart to retrieve a Folder owner in our file server.
Now both webparts are working in a visual studio environment ( When we click 'start debuging' ).
But when i have deployed to my IIS, both webparts just like a cat and a dog.
When i set <impersote=true> My AD webpart is working but not the FolderOwner Webpart.
if i set it to false, the My AD webpart is not working but the FolderOwner webpart is working.
Do you have any idea how can i overcome this issue?
Jun 13, 2008 05:18 AM|LINK
ASP.NET does not use impersonation and instead executes all code using the same user account as the ASP.NET process, which is typically the ASPNET account.In Internet Information Services (IIS) 6, the default identity is the NetworkService account.
You have to create assign the required roles to run the web parts in a user account and then set the same account in web.config followed by username and password
Something like that -
Jun 13, 2008 05:20 AM|LINK
You can use the following to determine what user the thread is executing with and without impersonate
Jun 13, 2008 05:27 AM|LINK
Thanks for replying back.
During my webpart development, i found i need to impersonate the logged in user with another username in order to read "folder owner" in my file server. Quite contradicting, but anyway, the webpart itself will be used in a SharePoint environment. As far as
i understand, SharePoint is also based on ASP.NET, thus putting the <identity impersonate =true userName="user" password="secret" /> will cause sharepoint to use the "user" identity instead of the logged in user. and this scenario is not what i expected.
is there any way to "change" the web.config setting programmatically in asp.net?
or other way which can help?
Thanks in advance :)
Jun 16, 2008 09:32 PM|LINK
See Ryan Dunn's post which will explain the basic security problems that you are likely to run into and how to solve them: