1

I have an ASP.NET web application using impersonation with the following web.config entry:

<system.web>
  <identity impersonate="true" />
  <authentication mode="Windows" />
  <authorization>
    <allow roles="Administrators" />
    <deny users="*" />
  </authorization>
</system.web>

Independently, this works just fine. The user has to log in as an administrator, and when they do, the application can perform administrative operations on their behalf.

Further to this though, I want to isolate some operations in a separate AppDomain, and would ideally like to shadow copy files too. I set up an AppDomain like this:

AppDomainSetup appSetup = new AppDomainSetup();
appSetup.ShadowCopyFiles = "true";
appSetup.ApplicationBase = 
    Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);

hostAppDomain = AppDomain.CreateDomain(
    "AppDomain1",
    AppDomain.CurrentDomain.Evidence,
    appSetup);

I then attempt to create an instance of an object in this AppDomain like:

var crossObject = (CrossAppDomainObject)hostAppDomain.CreateInstanceAndUnwrap(
    typeof(CrossAppDomainObject).Assembly.FullName,
    typeof(CrossAppDomainObject).FullName);

This produces the error:

The specified user does not have a valid profile. Unable to load 'MyAssembly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'.

If I don't set the AppDomain to use ShadowCopy, the problem vanishes. Can anybody explain this behaviour?

To be a little more specific, I don't actually need to shadow copy all assemblies. Ultimately my CrossAppDomainObject will be loading assemblies from another folder using MEF, and it's these other assemblies that I want shadow copied. I suspect I can get what I want by configuring shadow copy to be selective in the files it copies. But, I'm still left wondering what causes this error.

Snixtor
  • 4,239
  • 2
  • 31
  • 54

1 Answers1

4

Rather than what assemblies are shadow copied, your problem is caused by the issue with 'where the assemblies are to be shadow copied to'.

Namely, not specifying AppDomainSetup.CachePath causes the runtime, when shadow copying, to try to use a "user's download cache" location inside the user's profile directory (inside C:\Users\).

The error in your case is because Administrator is a special account that doesn't have such a profile directory.

One solution is to simply use the folder of the AppDomain running your web application, because ASP.NET already uses a specific CachePath (similar to C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\d32f4325), so that it works with such 'virtual' user accounts. If such a path is fine for you, just do

appSetup.CachePath = AppDomain.CurrentDomain.SetupInformation.CachePath;