ASP.NET Impersonation fails on IIS

[serre]

Hi,

I built an ASP.NET Web application with impersonation. This works
fine, my login is recognized. Now I want to get access to a certain
folder on an UNC file share. I have the rights with my login, but when
I test my application on the web server I get an error message that
the access is denied.

Please help, thanks

 

[Joe Kaplan \(MVP - ADSI\)]

If you are using Windows Integrated Authentication in IIS, then this is
likely failing because your account cannot be delegated to a different
server. This is called a double hop issue. Do a search for double hop and
Kerberos Delegation to find out what you need to do to get this working.

Joe K.

 

[Paul Clement]

On 7 Feb 2005 07:04:08 -0800, (e-mail address removed) (serre) wrote:

¤ Hi,
¤
¤ I built an ASP.NET Web application with impersonation. This works
¤ fine, my login is recognized. Now I want to get access to a certain
¤ folder on an UNC file share. I have the rights with my login, but when
¤ I test my application on the web server I get an error message that
¤ the access is denied.

The other way around this, if you need to delegate credentials, is to use Basic authentication. This
would be fine if your app is confined to an Intranet. Otherwise, with NTLM (Integrated Windows
Authentication) you need to implement Kerberos, as Joe mentioned.


Paul ~~~ (e-mail address removed)
Microsoft MVP (Visual Basic)