Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Okay...my theory that the IPrincipal context was changed when making the web request proved accurate, which made this fix extremely easy. Best part is, I can keep using the api I built to make this request without duplicating the Sql Server Entity Framework parts.</p> <p>I have the following call to my api library:</p> <pre><code> proxyRequestResultDetails = ProxyApiWrapper.GetProxies( adUserInfo.AssociateId, context.User); </code></pre> <p>This code is being called by an authorization filter attribute. The method prototype looks like</p> <pre><code>public void OnAuthorization(AuthorizationContext filterContext) </code></pre> <p>Internally, the call makes the GetProxies method following call:</p> <pre><code> public static StreamReader GetWebRequestStream( string url, string contentType, bool useDefaultCredentials, IPrincipal user) { var impersonationContext = ((WindowsIdentity)user.Identity).Impersonate(); var request = WebRequest.Create(url); try { request.ContentType = contentType; //request.ImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation; //request.UseDefaultCredentials = useDefaultCredentials; //IWebProxy p = new WebProxy(); //request.Proxy = p. request.AuthenticationLevel = System.Net.Security.AuthenticationLevel.MutualAuthRequested; request.Credentials = System.Net.CredentialCache.DefaultNetworkCredentials; var response = (HttpWebResponse)request.GetResponse(); return new StreamReader(response.GetResponseStream()); } catch (Exception e) { impersonationContext.Undo(); throw e; } finally { impersonationContext.Undo(); } } </code></pre> <p>When the calling method returns, the identity of user is no longer that of the one set for the application to impersonate. The fix is pretty simple:</p> <pre><code> //Track current identity before proxy call IPrincipal user = context.User; proxyRequestResultDetails = ProxyApiWrapper.GetProxies( adUserInfo.AssociateId, context.User); //Undo any impersonating done in the GetProxies call context.User = user; </code></pre> <p>2 lines of code resolved 12 hours of head ache. It could have been worse. Anyhow. Thanks for being a sounding board. I tried having this conversion with the duck, but the duck got confused.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload