The default browser on our web servers is IE. We have a requirement to launch an instance of Chrome on a button click on one of our web apps.
I have written an asp.net test app to try to achieve the above. In the test app I start a process on a button click on the server side to launch Chrome, but the Chrome window does not appear. The process seems to start fine as I get the the process ID and HasExited property is false. However, nothing comes up on screen and I don't seem to be able to find the process in the list of processes.
I know that in a web app, a process starts in the context of the asp.net worker process and that it does not have access to the desktop and has restricted permissions. So I gave the IIS Admin Service process permission to interact with desktop on my local machine (via Processes window). Also, in the code I tried starting the process using my own user account which has admin access to the local machine but still could not get the Chrome window to appear on screen.
My server side code is as follows:
var psi = new ProcessStartInfo
{
FileName = #"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe",
Arguments = "http://www.msn.com",
CreateNoWindow = false,
UseShellExecute = true
UserName = "username",
Password = "secure password",
Domain = "domain"
};
var process = new Process
{
StartInfo = psi
};
var result = process.Start(); // result is true
int processId = process.Id; // processId is valid
I would appreciate your help.
Related
I am attaching an exact print of the error.
The application is hosted in IIS and uses ADFS authentication. A single person managed to reproduce this error out of like 10 people. It reproduced every time even after restarting the browser, deleting cache & cookies on her machine. It stopped reproducing after restarting the app pool or a machine restart on her side. I am betting on the IIS app pool restart, since I already tried with restarting the browser and deleting the cookies and it didn't solve anything.
The only "custom" behavior we are doing is sliding the token in this way in the SessionSecurityTokenReceived event :
var token = e.SessionToken;
e.ReissueCookie = true;
e.SessionToken =
new SessionSecurityToken(
token.ClaimsPrincipal,
token.Context,
DateTime.UtcNow, //Start date
DateTime.UtcNow.AddMinutes(30)) //Expiration date
{
IsPersistent = token.IsPersistent,
};
IsPersistent is logged and it's always evaluated to false. Would this be the problem? I don't think so. From some google searches I see that people usually set it to true when doing token sliding.
One other search said to try creating the token this way :
var sam = sender as SessionAuthenticationModule;
e.SessionToken = sam.CreateSessionSecurityToken(
token.ClaimsPrincipal,
token.Context,
DateTime.UtcNow, //Start date
DateTime.UtcNow.AddMinutes(30),//Expiration date
true);
Is there any difference in creating the token by using "new SessionSecurityToken.." vs "sam = sender as SessionAuthenticationModule; sam.CreateSessionSecurityToken" ?
I am available for any other details.
Thank you
Error screen
I am working on a small project, in asp.net mvc3, that would copy the deployment files from a local drive to a share drive on a window server 2008 R2 server. I am connected using WMI, and the connection is successful. However, I tried to create a folder, and I receive the message "Logon failure: unknown user name or bad password." Here is a sample code:
bool isConnected = false;
options.Username = user.Name.Trim();
options.Password = user.password.Trim();
mScope = new ManagementScope("\\\\xxx.xxx.xxx.xxx\\root\\cimv2", options);
mScope.Connect();
if (mScope.IsConnected == true)
{
//I've gotten to this point. Then, the code below throw the exception
Directory.CreateDirectory(#"\\\\xxx.xxx.xxx.xxx\Tester\shareFile.txt");
isConnected = true;
}
I'd like to know what am I doing? Is that the right way of doing it?
it is the correct way however it will be the current user you are trying to access that gets passed to the remote computer to create the directory. The management scope at this point has nothing to do with Directory.CreateDirectory. These are 2 different "worlds". you do give the creds to ManagementScope but this has no affect on Directory.CreateDirectory. you could use impersonation to do what you are wanting to:
How do you do Impersonation in .NET?
it is unclear though if you are doing this in ASP.NET/MVC or a different platform. your tags indicate ASP.NET MVC but not your main question.
remember, if you are using ASP.NET/MVC, the credentials of the app pool are being used to perform such actions.
Well, I already tried a lot of stuff to solve this issue, but none did.
I developed a Reporting Service (2005) and deployed it.
This report will be used by everyone who access a website (it's a internet site, so, won't be accessed by intranet) developed on the framework 3.5 (but I think the framework's version is not the source of the problem).
When the user clicks on the button to download the .pdf which the Reporting automatically generates (the end-user never sees the html version of the Report), it asks for windows credentials.
If the user enters a valid credential (and this credential must be a valid credential on the server which the Reporting Service is deployed), the .pdf is obviously downloaded.
But this can't happen. The end-user must download the .pdf directly, without asking for credentials. Afterall, he doesn't even have the credentials.
Response.Redirect("http://MyServer/ReportServer/Pages/ReportViewer.aspx?%2fReportLuiza%2fReportContract&rs:Format=PDF&NMB_CONTRACT=" + txtNmbContractReport.Text);
The code snippet above, shows the first version of my code when the user clicks the button. This one propmts for the Windows credentials.
I already tried to change on IIS the Authentication of the virtual directory ReportServer, but the only one which works is the Windows Credentials. The other ones doesn't even let me open the virtual directory of the Report or the Report Manager's virtual directory.
When I tried to change it to Anonymous Authentication he couldn't access the DataBase. Then I choose the option to Credentials stored securely on the report server. Still doesn't work.
The physical directory of my ReportServer virtual directory points to the reporting server folder on the Hard Disk (C:\Program Files\Microsoft SQL Server\MSSQL.5\Reporting Services\ReportServer). I moved the same folder to my wwwroot directory.
Didn't work. The virtual directory didn't even open. Then I read this could be a problem because I had the same name on two folders (one in C: and other in wwwroot). So I changed the name of the one in wwwroot. Same issue of the DataBase connection couldn't be done.
I returned the physical path to C:
Below, is the second version of my button's event code:
ReportExecutionService rs = new ReportExecutionService();
rs.Credentials = System.Net.CredentialCache.DefaultCredentials;
rs.Url = "http://MyServer/ReportServer/ReportExecution2005.asmx";
// Render arguments
byte[] result = null;
string reportPath = "/ReportLuiza/ReportContract";
string format = "PDF";
// Prepare report parameter.
ParameterValue[] parameters = new ParameterValue[1];
parameters[0] = new ParameterValue();
parameters[0].Name = "NMB_CONTRACT";
parameters[0].Value = txtNmbContractReport.Text;
string encoding;
string mimeType;
string extension;
Warning[] warnings = null;
string[] streamIDs = null;
ExecutionInfo execInfo = new ExecutionInfo();
ExecutionHeader execHeader = new ExecutionHeader();
rs.ExecutionHeaderValue = execHeader;
execInfo = rs.LoadReport(reportPath, null);
rs.SetExecutionParameters(parameters, "pt-br");
String SessionId = rs.ExecutionHeaderValue.ExecutionID;
try
{
result = rs.Render(format, null, out extension, out encoding, out mimeType, out warnings, out streamIDs);
execInfo = rs.GetExecutionInfo();
}
catch (SoapException se)
{
ShowMessage(se.Detail.OuterXml);
}
// Write the contents of the report to an pdf file.
try
{
using (FileStream stream = new FileStream(#"c:\report.pdf", FileMode.Create, FileAccess.ReadWrite))
{
stream.Write(result, 0, result.Length);
stream.Close();
}
}
catch (Exception ex)
{
ShowMessage(ex.Message);
}
For this code, I had to add a WebReference to the .asmx file mentioned in it.
When I'm debugging (on Visual Studio 2010), the code above works fine, doesn't asking for credentials (unfortunately, it doesn't prompt the option to open, save or cancel de file download. But this is another problem, no need to worry with it now) and save the file on C:.
When published, the code doesn't work. An erros says: The permission granted to user 'IIS APPPOOL\ASP.NET v4.0' are insuficient for performing this operation. So I added to the Reporting Service's users this user. When I tried again, the error is: Login failed for user IISAPPPOOL\ASP.NET v4.0. Cannot create a connection to data source 'MyDataSourceName'.
Both Report and WebSite are deployed/published on the same server with a IIS 7.5 version.
Summarizing: I need a solution where there is no credential prompt, and the user can choose where it wants to save the .pdf file.
Any help will be appreciated.
If you need more information to help me, just ask.
Thanks in advance.
One solution would be to create a new App Pool with an account that has the rights to access your restricted resources and then assign your web application to it.
I am using following piece of code to perform IISReset on the remote servers using an Asp.Net Web application. Website is hosted on a windows server 2003 machine with IIS 6.0 and remote servers are also running windows server 2003 (IIS 6.0). This code is working absolutely fine in my development environment and successfully performing an IIS Reset on the remote servers but when i deployed this on the live server it is doing nothing. Application is almost un-responsive when I am clicking the button to reset IIS on the web page and generating the following error in the event log.:
*Application popup: iisreset.exe - Application Error : The application failed to initialize properly (0xc0000142). Click on OK to terminate the application.*
string pass = CommonMethods.GetSecureAppSettings("priviledgedUserPwd");
ProcessStartInfo psi = new System.Diagnostics.ProcessStartInfo();
psi.UserName = CommonMethods.GetSecureAppSettings("priviledgedUser");
psi.Password = pass.ToSecureString();
psi.FileName = #CommonMethods.GetAppSettings("ExecutablePath") + "iisreset.exe";
psi.WindowStyle = ProcessWindowStyle.Normal;
psi.Arguments = server.IP;
psi.RedirectStandardOutput = true;
psi.UseShellExecute = false;
System.Diagnostics.Process listFiles;
listFiles = Process.Start(psi);
StreamReader outPut = listFiles.StandardOutput;
listFiles.WaitForExit(10000);
if (listFiles.HasExited)
{
Logger.Audit(AUDIT_TITLE, outPut.ReadToEnd());
}
else
{
throw new Exception("Failed to start the process successfully");
}
return listFiles.ExitCode;
Here executable path is C:\Windows\System32 and priviledged user is a member of Administrators group so all the permissions are already in place. I have tried impersonation as well without any help.
Please suggest how to investigate this problem further.
Many Thanks in advance.
I'm working on an ASP.NET webforms app that will serve as a simple intake form to create work items in TFS 2010.
The app works correctly when I run it locally in debug mode--the submission completes and the work item is created.
When I publish the form to our dev server, it yellow screens and throws the following error:
[SecurityException: TF50309: The
following account does not have
sufficient permissions to complete the
operation: DOMAINNAME\SERVERNAME$. The
following permissions are needed to
perform this operation: View
collection-level information.]
In my code, I'm attempting to access TFS using a service account, and from what I can tell the service account is being used correctly when I run in debug mode.
Here's what my C# looks like:
string tfsServerUrl = "http://servername:8080/tfs";
string tfsProject = "Web Team Projects";
NetworkCredential tfsCredential = new NetworkCredential("ServiceAccountName", "password", "DOMAIN");
TeamFoundationServer tfs = new TeamFoundationServer(tfsServerUrl, tfsCredential);
tfs.Authenticate();
WorkItemStore workItemStore = new WorkItemStore(tfsServerUrl);
If I set a breakpoint at the tfs.Authenticate() line, the server object shows the service account name as the current user and IsAuthenticated = true.
The line in the exception that mentions SERVERNAME$ is what's stumping me. It's seems like IIS is deciding to try to access TFS with the app pool identity instead of the credentials that I'm explicitly supplying.
Our dev server is a Server 2008 box running IIS 7.
Any suggestions?
The TeamFoundationServer class is obselete. Have you tried using the TfsTeamProjectCollection (TFS 2008) or TfsConfigurationServer (2010) class instead?
string tfsServerUrl = "http://servername:8080/tfs";
System.Net.NetworkCredential tfsCredential = new System.Net.NetworkCredential("ServiceAccountName", "password", "DOMAIN");
TfsConfigurationServer tfs = new TfsConfigurationServer(new Uri(tfsServerUrl), tfsCredential);
tfs.Authenticate(); // You should be able to omit this
WorkItemStore workItemStore = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));