|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
ISAPI filter with Basic Authentication and Asp.net impersonationIs it possible in the context of an ISAPI filter (with Basic Authentication) managing the authentication to use impersonation in a asp.net project? I'm new to ISAPI filter... Here's my problem. I'm working in a Sharepoint 2003 (WSS) context. Instead of using the Active Directory from the Sharepoint server, we're using a ISAPI filter to authenticate the users by connecting to a Web service that returns true or false depending if the user credential are good or not. The problem is that on our Sharepoint portal we have multiple webparts that impersonate the administrator. For that, we're using code from that source: http://msdn2.microsoft.com/en-us/library/aa505327.aspx#wsstipstricks_usingimpersonationtoaccessdatathatthecurrentusercannotaccess. >From the tests I've done, when we activate Basic authentication, we get "The request failed with HTTP status 401: Unauthorized" from the webparts using impersonation. If both Basic Anthentication and Windows Integrated Authentication are activated, the page load correctly like if there was no ISAPI filter at all (credentials from the server AD need to be used). So is it possible to used the asp.net Impersonation when in "Basic Authentication" mode? Thank you, Chris "Basic Authentication" has no correlation to ASP.Net Impersonation.
What happens is that: 1. IIS first negotiates Basic Authentication 2. On success, IIS impersonates credentials obtained through authentication on its thread and executes ASP.Net 3. In turn, ASP.Net loads up .Net Framework to run your managed code, which can certainly change the user token on the thread if the managed code is allowed The problems could be either: 1. The ISAPI Filter is not working correctly 2. Sharepoint has restrictions on Web Parts 3. Managed Code is not allowed to change thread impersonation Not really IIS-related issues at all. //David http://w3-4u.blogspot.com // midwa***@gmail.com wrote: Show quoteHide quote > Hello, > > Is it possible in the context of an ISAPI filter (with Basic > Authentication) managing the authentication to use impersonation in a > asp.net project? I'm new to ISAPI filter... > > Here's my problem. I'm working in a Sharepoint 2003 (WSS) context. > Instead of using the Active Directory from the Sharepoint server, we're > using a ISAPI filter to authenticate the users by connecting to a Web > service that returns true or false depending if the user credential are > good or not. The problem is that on our Sharepoint portal we have > multiple webparts that impersonate the administrator. For that, we're > using code from that source: > > http://msdn2.microsoft.com/en-us/library/aa505327.aspx#wsstipstricks_usingimpersonationtoaccessdatathatthecurrentusercannotaccess. > > >From the tests I've done, when we activate Basic authentication, we get > "The request failed with HTTP status 401: Unauthorized" from the web > parts using impersonation. If both Basic Anthentication and Windows > Integrated Authentication are activated, the page load correctly like > if there was no ISAPI filter at all (credentials from the server AD > need to be used). > > So is it possible to used the asp.net Impersonation when in "Basic > Authentication" mode? > > Thank you, > Chris 
Other interesting topics
Web Applications located on a FileDiskImage not accessable with Internet Information Server ? (Delph
IIS 5.0 Manage for non-admin rights URL Authentication IIS 6.0 Monitor IIS for http and https ussage! IIS 6 Directory Services Mapping ACL Problems Webservice to an Out of process server 403 Forbidden Web Site Access requires UserID and Password - Resolved Import Cert without pfx or pending request Extranet Authentication |
|||||||||||||||||||||||
