Development vs web server permission problems

Jan 6, 2010 at 12:26 PM

Hello Andrea,

I'm having an issue where the NetSqlAzMan code runs fine under debug in VS 2005 but when I publish the code and access it via the web browser I get errors.

First error is "Store not found or Store permission denied" running the following code:

System.Security.Principal.WindowsIdentity userIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
AuthorizationType auth;
auth = storage.CheckAccess("Procurement Requisition Store", "Procurement Requisition Application", "Authorization", userIdentity, DateTime.Now, true);

The second error I'm getting is "Object reference not set to an instance of an object." running this code:

IAzManStorage storage = null;
IAzManStore store = null;
IAzManApplication app = null;
IAzManApplicationGroup[] AzGroups = null;
string strGroupBelongingTo = "";
bool bAuthorized = false;
bool bInGroup = false;

string sqlConnectionString = "data source=(local);initial catalog=NetSqlAzManStorage;Integrated Security = SSPI";
storage = new SqlAzManStorage(sqlConnectionString);
System.Security.Principal.WindowsIdentity userIdentity = System.Security.Principal.WindowsIdentity.GetCurrent();
store = storage["Procurement Requisition Store"];
app = store.GetApplication("Procurement Requisition Application");
AzGroups = app.GetApplicationGroups();
foreach (IAzManApplicationGroup AzGroup in AzGroups)

I suspect it's a permission problem but not quite sure where to fix it.

I have the NetSqlAzMan_Readers membership is mapped to the ASPNET account.

Thanks in advance,

Brian

 

Coordinator
Jan 7, 2010 at 6:13 AM

Hi,

1) System.Security.Principal.WindowsIdentity.GetCurrent() returns the Pool Identity and not the user identity.
To get the user Identity use:

a. <identity impersonate=”true” /> (into the web.config)

b. Page.Request.UserLogonIdentity

2) If you don’t use identity impersonate=true … try to add IUSR_MACHINENAME to the NetSqlAzMan_Readers sql group.

Regards,

Andrea.

__________________________________
Andrea Ferendeles
NetSqlAzMan Project Coordinator  
E-mail aferende@hotmail.com Web http://netsqlazman.codeplex.com

Jan 20, 2010 at 5:15 PM

Hum, I must be missing something here.  I've added the <identity impersonate="true" to the web.config file but I can't get Page.Request.UserLogonIdentity to compile nor can I find any references to check on how to use it.

What are you doing different where using "userIdentity" (derived from System.Security.Principal.WindowsIdentity.GetCurrent()) works in your examples (and in my development site) but not in my production site.

Sorry, I'm confused here Andrea.

 

Thanks,

Brian

Coordinator
Jan 21, 2010 at 6:00 AM

Hi,

Sorry ... a my mystake.

The right property is Page.Request.LogonUserIdentity (instead of Page.Request.UserLogonIdentity).

This couple of links could be useful:

http://blogs.technolog.nl/eprogrammer/archive/2006/06/07/523.aspx

http://blog.mikeobrien.net/PermaLink,guid,5e975b20-7b05-472f-bd80-04028ab8b6fa.aspx

Let me know.

Andrea.