.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Post New Web Links

UnauthorizedAccessException setting HttpContex.User

Posted By:      Posted Date: May 22, 2011    Points: 0   Category :ASP.Net

I have an HTTPModule which authenticates a user against AD based on a cookie token and sets the HttpContext.User property to a WindowsIdentity created from a token generated by the logonuser WIN32 function.

This allows me to simulate Windows authentication through a forms based credentials process. This is used on a ASP.Net app and a SharePoint site.

The issue I have is this code executes fine if the pool account is in the local admin group. Otherwise it throws the following exception.


SecurityModule.FBAToNTIntegratedModule [(null)] - Authentication Request
System.UnauthorizedAccessException: Attempted to perform an unauthorized operation.
   at System.Security.Principal.WindowsIdentity.get_AuthenticationType()
   at System.Web.Hosting.IIS7WorkerRequest.SetPrincipal(IPrincipal user, IntPtr pManagedPrincipal)
   at System.Web.HttpContext.SetPrincipalNoDemand(IPrincipal principal, Boolean needToSetNativePrincipal)
   at System.Web.HttpContext.set_User(IPrincipal value)
   at SecurityModule.FBAToNTIntegratedModule.context_AuthenticateRequest(Object sender, EventArgs e) in


I do not want to add the pool account to the admin group but I can give it additional privileges to make this work. Is it possible to configure this account so this process will work? What privileges does the account need?


View Complete Post

More Related Resource Links

Need help with setting up SQL Server 2008 for role/user management


I've posted my problem in a few other categories.  Sorry for that.  I didn't see the security category until now.

I'm trying to use ASP.NET's built-in role/user management for a couple ASP.NET MVC 2 sites.  I'm using the MVCMusicStore as my guide.  I click on the Configuration Tool as the tutorial suggests, which launches the site administration page.  Unfortunately when I click on the security tab, I get an error that it cannot connect to the data store.  Attempting to test the AspNetSqlProvider gives me a similar error.

I've run the aspnet_regsql program as the error message suggested, and I have a role/user management database ready to go on the server.  The proper tables are constructed, and all that.  The configuration tool still doesn't see the data store.

As a test, I ran the MVCMusicStore demo in the debugger.  Its role/user management functionality worked.  I was able to add myself as a customer, and add/remove items from my cart with no errors or exceptions.  However, when I attempted to access its security tab in the configuration tool, I received the same error as I get for my own project.  How is it possible that role/user management works, but the configuration tool cannot change its settings?

Any suggestions on how I can get the configuration t

Having problems installing/setting up SQL Server 2008 Express/R2 for ASP.NET user management on deve

I'm a bit new to installing and configuring, well, just about anything regarding databases, so please bear with me. I'm currently building a couple of ASP.NET MVC 2 sites.  I'm following along with the MVCMusicStore tutorial, and am trying to set up user management using ASP.NET's configuration tool.  The problem is that ASP.NET can't 'see' the database. I have SQL Server 2008 installed on my laptop.  It's the version which is available on the Web Platform Installer (I believe it's Express).  When I try running the aspnet_sqlreg.exe program to set up my user management database, it can't tell that I'm running any version of SQL Server at all.  I get an exception about 'named pipes', and some other things I don't understand at the moment. Obviously, this is all a bit over my head.  Is there an idiot proof guide or tutorial available that describes, step-by-step, how to: 1. Install SQL Server 2008 on a development PC 2. How to configure it to be used by Visual Studio 2010 Professional 3. How to properly upload/modify the db on the production server with what's on the development PC Essentially, all the things that the ASP.NET tutorials gloss over.  Any suggestions, links to documentation, or other nudges in the right direction would be immensely appreciated.

Taxonomy term store additions via site setting are not visible to user in RC1

Is see that its possible to define Taxonomy term store via SharePoint main central  admin page. But when I try to add term store entries via a new site in the same collection ....  site setting -> Site Administration -> Term store management any new entries are not visible. That is to say when a user starts to enter a tag the helper dialog does not show any values added via the site but all values add via the central admin do appear. this seems like a bug and the is in RC1 or am I doing something wrong

Setting the default value of one row based on the value entered by the user in another row in the Re

Hello Everybody,
I have designed an InfoPath form where I have 4 columns (Question, Answer, Score, and Comments) in a repeating table. I have added 10 rows in the repeating table by going to Tools --> Default Values. Answer is a radio button with choices of Yes, No and N/A. When a user is filling out the form, is it possible to set the answer of one or more related questions to "N/A" and make them read only (the user shouldn't be allowed to select the answer for these questions) depending upon the answer of another question? Please let me know how to go about doing this.

Thanks in advance for your help!!

How to deny user with c# code instead of setting web.config?


Hi, I have some pages that need user to sign in. If not, I need to redirect user to signin page. I know this can be done by using some code like"<system.web><authorization><deny users="?"/></authorization></system.web>" in web.config.

But can I just write some code to do the same function? 

like in page load method, I can check whether user is sign in, if user is not signed in yet, how can I redirect user to the login page by using code? and how can I stop sending the content of the page to user?

Can anyone teach me about this?


Setting user values on login


Hi all,

Not sure if this falls under security but I figured since its about logging in it might.  Anyway.  I would like to know if my approach is good.  I have set up a login, the Login method is under the User Class which uses validation to my own database (not ASPNETDB).  I would also like to set values to that user to use on each page such as a simple label on the home page that says "Hello [UserName]". 

Code is below, should I separate the User values into a different class?  Also once i go to another page (called Home.aspx) I would like to set an ASP Panel to have the username in it.  I created a new instance of the User class in Home.aspx but unsure what I would need to go to get this to work.  Should I have some LoadUser method after a successful login?


public class User
    int UserID { get; set; }

Resetting user Password and setting User Must Change Password at next Logon with ASPX


Hi All,

I am having an issue with an asp.net project that I am doing and have been struggling with it for a while now and was hoping someone here might be able to help me out.

Basically what we are doing is resetting peoples passwords via a web page. I have got it to the point that it is resetting the users password but is not setting User Must Change Password at Next Logon in AD. Just so that I can save you time asking the lstOffice.Text in the Connection String is so that our Admin can select the office that the users profile is present in on the AD. 

The code is shown below (connection strings and users/passwords have been changed):

 Sub SetPassword()

        Dim de As New DirectoryEntry("LDAP://IP:389/ou=Layer1" + ", " + "ou =" + lstOffice.Text + ", " + "ou=Layer3,DC=1,DC=2,DC=com,DC=au")
        'authent for AD 
        de.AuthenticationType = AuthenticationTypes.Secure
        de.Username = "ADMIN"
        de.Password = "NotTh3realpassword"

            ' new directory searcher
            Dim ds As New DirectorySearcher(de)

            Dim mySearchResultColl As SearchResultCollection

            Dim mySearchResult As SearchResult
            '  ds.Filter = ("sAMAccountname = " + name)

Selecting a Task List in Sharepoint Designer 2007 while setting up "Collect Data from User"

When using Sharepoint Designer 2007 to Collect Data from User the task list cannot be selected.  Instead the Task list that is defaulted is the most recently created Task List.  How can I select a specific Task list to associate with"Collect Data from User"?

how to enable filtering on user setting stored in profile as binary data in a gridview?



I have a Profile with a Property like this:


    <add name="UserDetails" type="oUserDetails" serializeAs="Binary"/>


How can I show all Users with their Details in a GridWiew and how to enable filtering for values located in the UserDetails class. For example UserDetails.FavouriteColor which is a string.



MS SQL Server: Disconnect Users From Database - Kill User Session

If you ever wanted to restore your database from a SQL backup file (.bak), but there are still users connected to your database, the backup operation will fail causing the error: Exclusive access could not be obtained because the database is in use.

Choosing Between a User Control or Web Part for SharePoint

SharePoint will only display Web Parts on a page. However, there are publicly available shims that allow you to write user controls and have them be displayed as a Web Part. From SharePoint's point of view, the shim is a Web Part. From the point of view of the user control, the shim is simply a control in .NET that is including the user control

Creating Sites/Lists/List Items under Current User Context in SharePoint By Using SPUserToken

Usually we do this by performing the action under RunWithElevatedPrivileges method and updating the listitem using SPListItem.SystemUpdate() method (see here). but this approach has its own flaws like (RunWithElevatedPrivileges will run under system account, we cannot use SystemUpdate for SPSite,SPWeb,SPList, since it runs under system we will "CreatedBy" by as SystemAccount).

How to track the changes of user contacts(colleagues) by using SharePoint API

We might have seen colleague tracker web part which keep tracks the changes made in our contacts/colleagues details like profile/lists/sites. The same tracking mechanism can be implemented by using MOSS API in any custom web part/ web control/ feature/web service...

UserProfile.GetColleagueChanges is the method which returns all changes happened with the contacts, this method also accepts a Query (UserProfileChangeQuery) where we can specify different parameters to filter the changes

Configuring User Profiles in SharePoint Server 2010

Note: I've added the necessary links relating to SharePoint Server 2010 prerequisites, along with instructions for configuring the user profile synchronization service, at the end of this

User Defined Functions in Microsoft SQL Server

User Defined Functions are compact pieces of Transact SQL code, which can accept parameters, and return either a value, or a table. They are saved as individual work units, and are created using standard SQL commands. Data transformation and reference value retrieval are common uses for functions. LEFT, the built in function for getting the left part of a string, and GETDATE, used for obtaining the current date and time, are two examples of function use. User Defined Functions enable the developer or DBA to create functions of their own, and save them inside SQL Server.

Setting the default start page in godaddy hosting?


 How do you set the start page with godaddy hosting? I can see no way of doing this! You do not seem to have access to the IIS settings that allow you to change it!

Building Re-Usable ASP.NET User Control and Page Libraries with VS 2008


I am having problems with a user control. I want my solution to have a separate project for holding my user controls.

The main project can get a reference to this user control project and can import this user control dll into my main project. 

Thanks in advance,

Dheeraj Mittal


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend