问题
I'm writing an Intranet application. Target framework in project.json is dnx451. That's my publishing command:
dnu publish --runtime dnx-clr-win-x86.1.0.0-rc1-update1 --no-source
Database Connection string:
Server=name;Database=name;Trusted_Connection=True;
I'm trying to impersonate the database access but it's not working. When I start the application my windows user is recognized and it says Hello, Domain\Username on top right. As soon as I try to access the database I get the error "Login failed for user Domain\Computername". If I run the application pool under my user then everything works fine.
IIS: .NET CLR Versio is v4.0, Managed Pipline Mode Classic and Identity is ApplicationPoolIdentity. Website authentications: ASP.NET Impersonation and Windows Authentication are enabled.
What do I need to change that impersonation is finally working?
回答1:
Core does not support impersonation because all web code is out of proc, hosted by Kestrel. If you want to do it you need to take the current Principal, as a WindowsPrincipal, then manually impersonate at the point where you need it.
One thing to note is that in RC1 you don't get a WindowsPrincipal, so you can't do this right now. It'll be fixed in RC2.
回答2:
If you want every page request to impersonate the user, you can configure your own Middleware to run before MVC;
public class Impersonate
{
private readonly RequestDelegate next;
public Impersonate(RequestDelegate next) {
this.next = next;
}
public async Task Invoke(HttpContext context) {
var winIdent = context.User.Identity as WindowsIdentity;
if (winIdent == null) {
await next.Invoke(context);
}else {
WindowsIdentity.RunImpersonated(winIdent.AccessToken, () => {
next.Invoke(context).Wait();
});
}
}
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) {
....
app.UseMiddleware<Impersonate>();
app.UseMvc(...);
...
}
来源:https://stackoverflow.com/questions/35180871/asp-net-core-1-0-impersonation