2

My (.NET) app allows users to tweak database values. They will then need to generate reports based on their edits, either Crystal or Reporting Services, but that's not important - what is important is that the generation won't definitely be able occur on their local box, e.g. they might not have Crystal Reports (or whatever) installed on their machine.

So I've set up a Message Queue on a network machine (which can generate the reports) and my app will post a message to that queue sending along an object with all the required information. So far, so good.

I've configured the target queue with a rule and a trigger so any new message will automagically provoke a console app on that remote machine to attempt to deal with the message.

The problem is that although everything works fine, the triggered console app runs as the local machine account. The app needs to interact with the database (which uses integrated authentication).

The console app works perfectly when I run it as an actual user, but not when triggered by Message Queuing.

The question is, can I configure the rule, trigger or console app to run as a specific user? I've tried all the config options that I can seem to see, but to no avail.

Perhaps I can impersonate a user within the app's code itself (in app.config)? It's feasible in ASP.NET code, but not in WinForms code by the look of it.

Edit: The impersonation suggestion works well ... right up until the point when I get an error "Access is Denied" from the Process.Start() function, calling startwithcreateprocess().

The user I'm impersonating has permission to run the process on the local box (so it can run natively with no problems).

4

2 回答 2

2
    Process p = new Process();

    p.StartInfo.UseShellExecute = false;

    SecureString password = new SecureString();
    string pwd = "mysecret123";
    foreach (char c in pwd)
    {
        password.AppendChar(c);
    }

    p.StartInfo.Domain = "DomainHere";
    p.StartInfo.UserName = "Natthawut";
    p.StartInfo.Password = password;

    p.StartInfo.FileName = "cmd";
    p.StartInfo.Arguments = "/c dir";
    p.Start();

请参阅 .NET 安全博客 - http://blogs.msdn.com/shawnfa/archive/2004/06/02/146915.aspx

顺便说一句,我认为这与 MSMQ 无关 :)

编辑:也许我错过了一些东西。不确定 MSMQ 如何引发新进程,或者它只是用于启动控制台应用程序的应用程序。

于 2008-12-23T17:15:17.187 回答
0

尝试在应用程序中使用模拟?

更粗略地说,您可以运行您的应用程序。

于 2008-12-23T17:04:01.237 回答