hello!
i have an ASP.NET web service with a web method that passes a path to a network drive
('\\tron\Versioning'), on *another* box, to a classic in-proc VB COM component that,
internally, using the 'MS Scripting' component to create a FileSystemObject and calls
GetFolder() on that object to retrieve a reference to that Folder object. when doing
so, i get a 'Path not found' exception returned.
------------------------------------------
couple notes (and code below):
------------------------------------------
- im running .NET framework 1.1 (v1.1.4322)
- the VB COM component is *not* a configured COM+ component - its just classic COM
(and in-proc DLL)
- i have verified that the path exists and the box that the web service is running on
can access it via 'Start...Run,' IE, and windows explorer
- i configured IIS security for *anonymous*, but specified a different account that
all incoming request will use (and for debugging purposes, even included a domain
admin to see if that would work - nope!)
- my web.config authentication mode = 'Windows' (<authentication mode="Windows" />)
- i have tried turning impersonation on in my web.cofig file (<identity
impersonate="true"/>)
- when i pass a *local* path to the VB COM component, rather than another network
resource, it can fetch the folder just fine
- the ACL of the target folder, on the target box, *does* provide the correct
permissions for the account configured as the anonymous account in IIS (and is
verifiably being passed to ASP.NET - see below)
------------------------------------------
code snippets: (ASP.NET - shortened for clarity)
------------------------------------------
[WebMethod]
public string BuildVersionManifest(...)
{
//just to verify that the appropriate credentials are getting passed from IIS
WindowsIdentity wi = WindowsIdentity.GetCurrent();
string sUsername = wi.Name;
//wi.Impersonate(); //ive tried this, but i assume it does the same thing as
having
//impersonate turned on in my web.config - neither of them do the trick
//note: doing this works great?!? although, these 2 lines are not part of the
real code
Scripting.FileSystemObject pFSO = new Scripting.FileSystemObjectClass();
Scripting.Folder pFolder = pFSO.GetFolder(@"\\tron\Versioning");
//this is the real code that fails... see below for the code in the
'VersionBasePath' property of the broker
//that is the code that is unable to locate the passed folder
nGENVerServer.VersionBroker pBroker = new nGENVerServer.VersionBrokerClass();
pBroker.VersionBasePath = @"\\tron\Versioning"; //THIS LINE FAILS!!!
...
}
------------------------------------------
code snippet: (VB COM object)
------------------------------------------
Public Property Let VersionBasePath(ByVal sValue As String)
On Error GoTo errHandler
Dim theFSO As Scripting.FileSystemObject
Set theFSO = New Scripting.FileSystemObject
Set g_VersionBaseFolder = Nothing 'module member
Set g_VersionBaseFolder = theFSO.GetFolder(sValue) 'REAL LINE THAT FAILS with
'Path not found'!!!
Exit Property
errHandler:
Call Err.Raise(Err.Number, Err.source, Err.Description)
Exit Property
End Property
------------------------------------------
notice that when i create a Scripting.FileSystemObject *directly* from ASP.NET, and
then call GetFolder() with my path, it is able to retrieve the folder just fine. so...
i was wondering if, how, and why a security identity switch is occuring from my
ASP.NET page to the VB COM interop AND how can i get around this issue? (and please
note, that as of right now im not willing to accept the ASP.NET page passing in a
reference to the folder that it has already acquired. even if that worked, i have too
many other places internal to this VB COM component that will go out to other network
resources to perform its job).
also, in my research, i have found several good explanations of how security is
configured and handled in ISS, ASP.NET, and the transition between the two, but i have
not been able to find anything good on what happens when you drop from managed code
(in this case ASP.NET) to COM interop code. in addition to knowing the answer to this
particuliar problem, i would really appreciate any advice on some good articles/books
on what happens here specifically (note: i am familiar with Keith Brown's excellent
book!).
thanks for any help you can provide,
Benjamin Callister
Vice President of Engineering, Tutor.com
Real Tutors, Real Results.
e: [EMAIL PROTECTED]
p: 212.528.3101; x.227
w: http://www.tutor.com
