I have an ASP.Net (2.0) application on an intranet that needs to impersonate the users Windows login, which it does by having identity impersonate="true" in the web.config file.
In a couple of places it needs to create a file in the Temp folder of the server (a text file in one instance and a Word d开发者_如何学JAVAoc in another instance) before sending the resulting file to the user, after which it is deleted from the Temp folder.
It runs into a permission problem, because the user that is being impersonated does not have permission to write to the server's hard drive.
I was hoping I could switch to the default IIS (or some other built in account) to do the file access functions.
Is that possible? If so, how? I can't create any new accounts on the server.
It is Windows Server 2003.
Thanks
Yes it is possible using the System.Security.Principal namespace, see http://support.microsoft.com/kb/306158 for an example.
Basically you switch to a context that has permissions by impersonating the appropriate user account, perform your file IO then undo the impersonation.
However the easier solution would be to grant write access to the users (or groups). Grant permissions to the domain account/group so you don't have to create local accounts on the server.
I already had problems like yours, then I changed my mind and started using memorystreams and immediately writing them to the response object (instead writing it to disk and after send to the client). This way I save on being concerned in deleting it after downloaded by user.
The simplest way is probably to give the 'Everyone' group write access to the temp folder
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论