CoInitializeSecurity in ASP.NET

[Clas Hortien]

Hello,

i try to get access to a local virtual server object.
I have a aspx page with a button and textbox, this is the code:

public class WebForm1 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button btnFillBox;
protected System.Web.UI.WebControls.TextBox txtHost;
protected System.Web.UI.WebControls.Label Label1;

public enum RpcAuthnLevel
{
Default = 0,
None = 1,
Connect = 2,
Call = 3,
Pkt = 4,
PktIntegrity = 5,
PktPrivacy = 6
}

public enum RpcImpLevel
{
Default = 0,
Anonymous = 1,
Identify = 2,
Impersonate = 3,
Delegate = 4
}

public enum EoAuthnCap
{
None = 0x00,
MutualAuth = 0x01,
StaticCloaking= 0x20,
DynamicCloaking= 0x40,
AnyAuthority= 0x80,
MakeFullSIC= 0x100,
Default= 0x800,
SecureRefs= 0x02,
AccessControl= 0x04,
AppID= 0x08,
Dynamic= 0x10,
RequireFullSIC= 0x200,
AutoImpersonate= 0x400,
NoCustomMarshal= 0x2000,
DisableAAA= 0x1000
}

[DllImport("ole32.dll")]
public static extern int CoInitializeSecurity( IntPtr pVoid, int
cAuthSvc,IntPtr asAuthSvc, IntPtr pReserved1, RpcAuthnLevel level,
RpcImpLevel impers,IntPtr pAuthList, int dwCapabilities, IntPtr
pReserved3 );

#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form
Designer.
//
InitializeComponent();
base.OnInit(e);
}

/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.btnFillBox.Click += new System.EventHandler
(this.btnFillBox_Click);
this.Load += new System.EventHandler(this.Page_Load);

}
#endregion



[STAThread]
private void btnFillBox_Click(object sender, System.EventArgs e)
{
this.txtHost.Text = "";


CoInitializeSecurity( IntPtr.Zero, -1, IntPtr.Zero,
IntPtr.Zero,RpcAuthnLevel.PktIntegrity ,
RpcImpLevel.Identify,IntPtr.Zero, 0x40, IntPtr.Zero );

VMVirtualServerClass vs;
vs = new VMVirtualServerClass();
this.txtHost.Text = vs.Version;

}
}
}


I always get a "Access denied" on vs = new VMVirtualServerClass();
I have tried different combinations for CoInitializeSecurity, but with no
success.

Does anybody has experience of accessing a Virtual Server (COM) through
ASP.NET ? Or is there another usable interface to VS ?

Many thanks

Clas

 

[Nicholas Paldino [.NET/C# MVP]]

Clas,

Why are you calling CoInitializeSecurity? Since you are calling a COM
object, are you setting the ASPCompat attribute to true? Also, does the
object do anything that requires file or registry access?

Chances are you will have to impersonate a user that has the rights to
access virtual server.

Hope this helps.


--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hello,

i try to get access to a local virtual server object.
I have a aspx page with a button and textbox, this is the code:

public class WebForm1 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button btnFillBox;
protected System.Web.UI.WebControls.TextBox txtHost;
protected System.Web.UI.WebControls.Label Label1;

public enum RpcAuthnLevel
{
Default = 0,
None = 1,
Connect = 2,
Call = 3,
Pkt = 4,
PktIntegrity = 5,
PktPrivacy = 6
}

public enum RpcImpLevel
{
Default = 0,
Anonymous = 1,
Identify = 2,
Impersonate = 3,
Delegate = 4
}

public enum EoAuthnCap
{
None = 0x00,
MutualAuth = 0x01,
StaticCloaking= 0x20,
DynamicCloaking= 0x40,
AnyAuthority= 0x80,
MakeFullSIC= 0x100,
Default= 0x800,
SecureRefs= 0x02,
AccessControl= 0x04,
AppID= 0x08,
Dynamic= 0x10,
RequireFullSIC= 0x200,
AutoImpersonate= 0x400,
NoCustomMarshal= 0x2000,
DisableAAA= 0x1000
}

[DllImport("ole32.dll")]
public static extern int CoInitializeSecurity( IntPtr pVoid, int
cAuthSvc,IntPtr asAuthSvc, IntPtr pReserved1, RpcAuthnLevel
level,
RpcImpLevel impers,IntPtr pAuthList, int dwCapabilities, IntPtr
pReserved3 );

#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form
Designer.
//
InitializeComponent();
base.OnInit(e);
}

/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.btnFillBox.Click += new System.EventHandler
(this.btnFillBox_Click);
this.Load += new System.EventHandler(this.Page_Load);

}
#endregion



[STAThread]
private void btnFillBox_Click(object sender, System.EventArgs e)
{
this.txtHost.Text = "";


CoInitializeSecurity( IntPtr.Zero, -1, IntPtr.Zero,
IntPtr.Zero,RpcAuthnLevel.PktIntegrity ,
RpcImpLevel.Identify,IntPtr.Zero, 0x40, IntPtr.Zero );

VMVirtualServerClass vs;
vs = new VMVirtualServerClass();
this.txtHost.Text = vs.Version;

}
}
}


I always get a "Access denied" on vs = new VMVirtualServerClass();
I have tried different combinations for CoInitializeSecurity, but with no
success.

Does anybody has experience of accessing a Virtual Server (COM) through
ASP.NET ? Or is there another usable interface to VS ?

Many thanks

Clas

 

[Girish Bharadwaj]

Have you read this already?
http://msdn.microsoft.com/library/d...nnecting_to_the_virtual_server_com_object.asp

That has a sample of calling virtual server.

 

[Scott Allen]

Hi Nicholas:

Actually, in this case the documentation Girish pointed to says:

"The multithreaded apartment model should be used for applications
using the Virtual Server COM interfaces. Using the single-threaded
apartment model with the Virtual Server COM interface can
significantly affect the Virtual Server system's performance."

In which case the OP would not want to set aspcompat="true".

 

[Clas Hortien]

Clas,

Why are you calling CoInitializeSecurity? Since you are calling a COM
object, are you setting the ASPCompat attribute to true? Also, does the
object do anything that requires file or registry access?

Chances are you will have to impersonate a user that has the rights to
access virtual server.

Hope this helps.

I have tried to set ASPCompat=true but with no difference.
I have local admin rights (yes, i know what i'm doing ;-)), but i still
get the access denied error. The object representing the local
virtual server service and i should be able to do anything with
it as a local admin.

Thanks

Clas

 

[Clas Hortien]

Have you read this already?
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/msvs/msv
s/connecting_to_the_virtual_server_com_object.asp

That has a sample of calling virtual server.

This was the example, where i got the code from, there they use the
CoInitializeSecurity. The only difference is, that the example is a Console
Application and i want to use a ASP page.

 

[Scott Allen]

Hi Clas:

ASP.NET calls the CoInitializeSecurity API when it starts up, since
you can only call this API once during the life of a process, you
won't be able to change any settings from your code.

You might consider impersonating a user with priviledges to the
object. Use DCOMCNFG to see what permissions are in effect.

--
Scott
http://www.OdeToCode.com

Hello,

i try to get access to a local virtual server object.
I have a aspx page with a button and textbox, this is the code:

public class WebForm1 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button btnFillBox;
protected System.Web.UI.WebControls.TextBox txtHost;
protected System.Web.UI.WebControls.Label Label1;

public enum RpcAuthnLevel
{
Default = 0,
None = 1,
Connect = 2,
Call = 3,
Pkt = 4,
PktIntegrity = 5,
PktPrivacy = 6
}

public enum RpcImpLevel
{
Default = 0,
Anonymous = 1,
Identify = 2,
Impersonate = 3,
Delegate = 4
}

public enum EoAuthnCap
{
None = 0x00,
MutualAuth = 0x01,
StaticCloaking= 0x20,
DynamicCloaking= 0x40,
AnyAuthority= 0x80,
MakeFullSIC= 0x100,
Default= 0x800,
SecureRefs= 0x02,
AccessControl= 0x04,
AppID= 0x08,
Dynamic= 0x10,
RequireFullSIC= 0x200,
AutoImpersonate= 0x400,
NoCustomMarshal= 0x2000,
DisableAAA= 0x1000
}

[DllImport("ole32.dll")]
public static extern int CoInitializeSecurity( IntPtr pVoid, int
cAuthSvc,IntPtr asAuthSvc, IntPtr pReserved1, RpcAuthnLevel level,
RpcImpLevel impers,IntPtr pAuthList, int dwCapabilities, IntPtr
pReserved3 );

#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form
Designer.
//
InitializeComponent();
base.OnInit(e);
}

/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.btnFillBox.Click += new System.EventHandler
(this.btnFillBox_Click);
this.Load += new System.EventHandler(this.Page_Load);

}
#endregion



[STAThread]
private void btnFillBox_Click(object sender, System.EventArgs e)
{
this.txtHost.Text = "";


CoInitializeSecurity( IntPtr.Zero, -1, IntPtr.Zero,
IntPtr.Zero,RpcAuthnLevel.PktIntegrity ,
RpcImpLevel.Identify,IntPtr.Zero, 0x40, IntPtr.Zero );

VMVirtualServerClass vs;
vs = new VMVirtualServerClass();
this.txtHost.Text = vs.Version;

}
}
}


I always get a "Access denied" on vs = new VMVirtualServerClass();
I have tried different combinations for CoInitializeSecurity, but with no
success.

Does anybody has experience of accessing a Virtual Server (COM) through
ASP.NET ? Or is there another usable interface to VS ?

Many thanks

Clas

 

[Girish Bharadwaj]

Doh. How could I miss that!

--
Girish Bharadwaj
http://msmvps.com/gbvb

Hi Clas:

ASP.NET calls the CoInitializeSecurity API when it starts up, since
you can only call this API once during the life of a process, you
won't be able to change any settings from your code.

You might consider impersonating a user with priviledges to the
object. Use DCOMCNFG to see what permissions are in effect.

--
Scott
http://www.OdeToCode.com

Hello,

i try to get access to a local virtual server object.
I have a aspx page with a button and textbox, this is the code:

public class WebForm1 : System.Web.UI.Page
{
protected System.Web.UI.WebControls.Button btnFillBox;
protected System.Web.UI.WebControls.TextBox txtHost;
protected System.Web.UI.WebControls.Label Label1;

public enum RpcAuthnLevel
{
Default = 0,
None = 1,
Connect = 2,
Call = 3,
Pkt = 4,
PktIntegrity = 5,
PktPrivacy = 6
}

public enum RpcImpLevel
{
Default = 0,
Anonymous = 1,
Identify = 2,
Impersonate = 3,
Delegate = 4
}

public enum EoAuthnCap
{
None = 0x00,
MutualAuth = 0x01,
StaticCloaking= 0x20,
DynamicCloaking= 0x40,
AnyAuthority= 0x80,
MakeFullSIC= 0x100,
Default= 0x800,
SecureRefs= 0x02,
AccessControl= 0x04,
AppID= 0x08,
Dynamic= 0x10,
RequireFullSIC= 0x200,
AutoImpersonate= 0x400,
NoCustomMarshal= 0x2000,
DisableAAA= 0x1000
}

[DllImport("ole32.dll")]
public static extern int CoInitializeSecurity( IntPtr pVoid, int
cAuthSvc,IntPtr asAuthSvc, IntPtr pReserved1, RpcAuthnLevel level,
RpcImpLevel impers,IntPtr pAuthList, int dwCapabilities, IntPtr
pReserved3 );

#region Web Form Designer generated code
override protected void OnInit(EventArgs e)
{
//
// CODEGEN: This call is required by the ASP.NET Web Form
Designer.
//
InitializeComponent();
base.OnInit(e);
}

/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.btnFillBox.Click += new System.EventHandler
(this.btnFillBox_Click);
this.Load += new System.EventHandler(this.Page_Load);

}
#endregion



[STAThread]
private void btnFillBox_Click(object sender, System.EventArgs e)
{
this.txtHost.Text = "";


CoInitializeSecurity( IntPtr.Zero, -1, IntPtr.Zero,
IntPtr.Zero,RpcAuthnLevel.PktIntegrity ,
RpcImpLevel.Identify,IntPtr.Zero, 0x40, IntPtr.Zero );

VMVirtualServerClass vs;
vs = new VMVirtualServerClass();
this.txtHost.Text = vs.Version;

}
}
}


I always get a "Access denied" on vs = new VMVirtualServerClass();
I have tried different combinations for CoInitializeSecurity, but with no
success.

Does anybody has experience of accessing a Virtual Server (COM) through
ASP.NET ? Or is there another usable interface to VS ?

Many thanks

Clas

 

[Clas Hortien]

Hi Clas:

ASP.NET calls the CoInitializeSecurity API when it starts up, since
you can only call this API once during the life of a process, you
won't be able to change any settings from your code.

You might consider impersonating a user with priviledges to the
object. Use DCOMCNFG to see what permissions are in effect.

Hi Scott,

i checked the DCOMCNFG, but with no difference:

- the authentication level is default, "none" doesn't work either
- Location is local computer
- at security i played around with different user, but with no
result
- at identity i tried a local admin, but no result

Many thanks

Clas

 

[Girish Bharadwaj]

So, you are running the form as ASPNET user. Does that user have access to
that functionality of Virtual Server? If not, you might have to modify those
permissions.

Or, you might be able to use <identity> in web.config for this particular
project and set impersonate=true (and probably provide user name and
password which has access to that object).