From: Ian on
All,

I need to list within a web page the contents of a network directory,
this needs to be based on the user permissions of the user viewing the
web page.

For example,

User A can see the following directories :

dirA
dirB
dirC

User B has only rights to the following directories :

dirA
dirB

Directory 'dirC' will remain hidden from to User B.

The displaying of files within a network directory is easy enough, it's
the displaying of files based on user permissions that's the issue.

Any comments/suggestions welcome!

TIA
Iain
From: Alexey Smirnov on
On Mar 11, 9:41 am, Ian <I...(a)test.co.uk> wrote:
> All,
>
> I need to list within a web page the contents of a network directory,
> this needs to be based on the user permissions of the user viewing the
> web page.
>
> For example,
>
> User A can see the following directories :
>
> dirA
> dirB
> dirC
>
> User B has only rights to the following directories :
>
> dirA
> dirB
>
> Directory 'dirC' will remain hidden from to User B.
>
> The displaying of files within a network directory is easy enough, it's
> the displaying of files based on user permissions that's the issue.
>
> Any comments/suggestions welcome!
>
> TIA
> Iain

You wold need to impersonate current user to run with the permissions
of the current user.
http://msdn.microsoft.com/en-us/library/aa292118.aspx
From: Ian on
Alexey Smirnov wrote:

> You wold need to impersonate current user to run with the permissions
> of the current user.
> http://msdn.microsoft.com/en-us/library/aa292118.aspx

Yes, I saw the ASP.NET impersonation article(s), only thing that is
puzzling me is can you dynamically changes the values of :

<identity impersonate="true"
userName="domain\user" <----------- this value
password="password" /> <----------- this value

Can you pass the current user into the web.config identity impersonate
section?
From: Alexey Smirnov on
On Mar 11, 3:40 pm, Ian <I...(a)test.co.uk> wrote:
> Alexey Smirnov wrote:
> > You wold need to impersonate current user to run with the permissions
> > of the current user.
> >http://msdn.microsoft.com/en-us/library/aa292118.aspx
>
> Yes, I saw the ASP.NET impersonation article(s), only thing that is
> puzzling me is can you dynamically changes the values of :
>
> <identity impersonate="true"
>            userName="domain\user"      <----------- this value
>            password="password" />      <----------- this value
>
> Can you pass the current user into the web.config identity impersonate
> section?

You should use userName and password attributes only when you need to
impersonate the token with a specific identity. In order to get the
token impersonated by the current user you should use <identity
impersonate="true" /> and <authentication mode="Windows" />. See the
matrix that illustrate the resultant identity
based on settings. http://msdn.microsoft.com/en-us/library/aa302377.aspx

Hope this helps