0

I tried to upload file to a network path with following codes for silverlight app:

public void ProcessRequest (HttpContext context) 
{
  //.....
  using (FileStream fs = File.Create(@"\\Server\Folder\" + filename))            
 {
   byte[] buffer = new byte[4096];
   int bytesRead;
   while ((bytesRead = context.Request.InputStream.Read(buffer, 0, buffer.Length)) != 0)
   {
      fs.Write(buffer, 0, bytesRead);
   }
 }
}

It's working fine when I run it in debug mode with VS built-in web server. At SL side, I call this handler with url like:

UriBuilder ub = new UriBuilder("http://localhost:38700/FileUpload.ashx");

Then I publish this app to local IIS and change the url to http://localhost/Mysite/FileUpload.ashx

then run the app again. It won't work anymore, but no error.

I guess it is because different credential to call File.Create. So I want to use specific credential in handler to put file to the destination.

How to use a credential for File.Create?

KentZhou
  • 24,805
  • 41
  • 134
  • 200

1 Answers1

0

I believe you will need to impersonate a user. The code below should do it. Essentially, you gather the domain, user, and password and instantiate the ImpersonationMgr class. Then call the BeginImpersonation method. After that call the corresponding WriteFile method you wish. The WriteFile method will assert if impersonation is enabled. You can follow similar patterns for other file methods such as delete and move.

public class ImpersonationMgr : IDisposable

  [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
  public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType,
                                      int dwLogonProvider, out SafeTokenHandle phToken);

  [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
  public static extern bool CloseHandle(IntPtr handle);

  private const int LOGON32_PROVIDER_DEFAULT = 0;
  private const int LOGON32_LOGON_NEW_CREDENTIALS = 9;

  private readonly string userName = string.Empty;
  private readonly string domainName = string.Empty;
  private readonly string password = string.Empty;

  private SafeTokenHandle safeTokenHandle = null;
  private WindowsImpersonationContext impersonatedUser = null;

  public ImpersonationMgr(string userName, string domainName, string password)
  {
     this.userName = userName;
     this.domainName = domainName;
     this.password = password;
  }

  public void BeginImpersonation()
  {
     bool returnValue = LogonUser(userName, domainName, password, LOGON32_LOGON_NEW_CREDENTIALS,
                                  LOGON32_PROVIDER_DEFAULT, out safeTokenHandle);
     if (returnValue == false)
     {
        int ret = Marshal.GetLastWin32Error();
        throw new System.ComponentModel.Win32Exception(ret);
     }

     impersonatedUser = WindowsIdentity.Impersonate(safeTokenHandle.DangerousGetHandle());
  }

  private void AssertImpersonationIsEnabled()
  {
     if(safeTokenHandle == null || impersonatedUser == null)
     {
        throw new UnauthorizedAccessException("You must call the BeginImpersonation method before attempting file write access.");
     }
  }

  public void WriteFile(string pathToFile, string fileContents)
  {
     AssertImpersonationIsEnabled();
     using (FileStream fileStream = File.Open(pathToFile, FileMode.CreateNew))
     {
        using (StreamWriter fileWriter = new StreamWriter(fileStream))
        {
           fileWriter.Write(fileContents);
        }
     }
  }

  public void WriteFile(string pathToFile, byte[] fileContents)
  {
     AssertImpersonationIsEnabled();
     using (FileStream fileStream = new FileStream(pathToFile, FileMode.Create))
     {
        fileStream .Write(fileContents, 0, fileContents.Length);
        fileStream .Flush();          
     }
  }

  public void Dispose()
  {
     Dispose(true);
     GC.SuppressFinalize(this);
  }
}

UPDATE

   public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
   {
      private SafeTokenHandle()
         : base(true)
      {
      }


      [DllImport("kernel32.dll")]
      [ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
      [SuppressUnmanagedCodeSecurity]
      [return: MarshalAs(UnmanagedType.Bool)]
      private static extern bool CloseHandle(IntPtr handle);

      protected override bool ReleaseHandle()
      {
         return CloseHandle(handle);
      }
   }
Josh
  • 2,955
  • 1
  • 19
  • 28
  • Wow. looks like not a easy thing. Have tried it. Put it at web project and found SafeTokenHandle is not available. So this is for .NET 1/2/3/4? I use VS 2010 with .NET framework 4 and will move to 4.5. – KentZhou Jul 05 '12 at 17:20
  • thanks. More question: where is definition for handle? Dispose can be called. – KentZhou Jul 05 '12 at 17:30
  • have tried it again and got error: Error 2 Inconsistent accessibility: parameter type 'out SafeTokenHandle' is less accessible than method 'ImpersonationMgr.LogonUser(string, string, string, int, int, out SafeTokenHandle)' – KentZhou Jul 05 '12 at 17:41
  • just change it to public class SafeTokeHandle – Josh Jul 05 '12 at 17:45
  • Thank you. have try it again. It's working with VS built-in WebServer. but when deploy it to IIS, still not working. Not sure why. – KentZhou Jul 05 '12 at 18:23
  • You must be having permission issues. This is a pretty standard way of solving the problem. – Josh Jul 05 '12 at 18:55
  • Thank you. Figured it out: because of cross domain issue. – KentZhou Jul 06 '12 at 12:28