NewsBot
1
I'm using HttpWebRequest and HttpWebResponse to query a remote server. I plan to load the returned xml into an XMLDocument, but the HttpWebRequest.GetResponse() method fails with a 403 "Forbidden" error.
I am able to get a response when I put my domain username and password as plain text into the request's Credentials member, but of course I'd like to avoid having that information in the application.
I thought that code along these lines (found at http://claytonj.wordpress.com/2006/09/04/run-code-under-the-iis-authenticated-user-context/)
would solve my problem:
using System.Security.Principal;
if (User.GetType() == typeof(WindowsPrincipal))
{
WindowsIdentity id = (WindowsIdentity) User.Identity;
WindowsImpersonationContext impersonate = id.Impersonate();
//perform tasks under the impersonated user
//*** ***//
//revert back to local ASPNET account
impersonate.Undo();
}
else
{
//user isn’t authenticated
}
But, I still get the 403 error. I think the impersonation is failing because the WindowsIdentity.ImpersonationLevel property is always "Impersonation." I think this needs to be "Delegation" to reach the remote server (I'm behind a firewall and corporate proxy), but the property is read-only so I can't set it.
My Question: What do I need to configure in order to get the ImpersonationLevel property to be of the TokenImpersonationLevel.Delegation type?
Let me know if this requires clarification.
More...
View All Our Microsoft Related Feeds
I am able to get a response when I put my domain username and password as plain text into the request's Credentials member, but of course I'd like to avoid having that information in the application.
I thought that code along these lines (found at http://claytonj.wordpress.com/2006/09/04/run-code-under-the-iis-authenticated-user-context/)
would solve my problem:
using System.Security.Principal;
if (User.GetType() == typeof(WindowsPrincipal))
{
WindowsIdentity id = (WindowsIdentity) User.Identity;
WindowsImpersonationContext impersonate = id.Impersonate();
//perform tasks under the impersonated user
//*** ***//
//revert back to local ASPNET account
impersonate.Undo();
}
else
{
//user isn’t authenticated
}
But, I still get the 403 error. I think the impersonation is failing because the WindowsIdentity.ImpersonationLevel property is always "Impersonation." I think this needs to be "Delegation" to reach the remote server (I'm behind a firewall and corporate proxy), but the property is read-only so I can't set it.
My Question: What do I need to configure in order to get the ImpersonationLevel property to be of the TokenImpersonationLevel.Delegation type?
Let me know if this requires clarification.
More...
View All Our Microsoft Related Feeds