I have an ASP.NET application that requires users to log in with their domain accounts using basic authentication. The user can make a choice, and then press the button.
At some point after clicking the button, this code is located: WindowsIdentity.Impersonate(userIdentity.Token)
. userIdentity is of type WindowsIdentity , and it was previously set to (WindowsIdentity) User.Identity .
userIdentity is saved as a session variable, and I think that since after clicking the button, the page containing this code is called via AJAX.
When I click this code, it works for about 2/3 of the time, but 1/3 times I get this exception: Invalid token for impersonation - it cannot be duplicated. I think the biggest head cleaner for me is why it works sometimes, but not at another time? In some sessions, it works several times before a crash. On the other hand, it does not work right away.
Here's the stack trace:
in System.Security.Principal.WindowsIdentity.CreateFromToken (IntPtr userToken)
in System.Security.Principal.WindowsIdentity..ctor (IntPtr userToken, String authType, Int32 isAuthenticated)
in System.Security.Principal.WindowsIdentity.Impersonate (IntPtr userToken)
in Resource_Booker.BLL.ReservationAgent.SubmitReservationRequest (reservation reservation, patron cartridge) in C: \ dev \ RoomRes \ Resource Booker \ BLL \ ReservationAgent.cs: line 101
in Resource_Booker.Reserve.reserve_Click (object sender, EventArgs e) in C: \ dev \ RoomRes \ Resource Booker \ Reserve.aspx.cs: line 474
in System.EventHandler.Invoke (object sender, EventArgs e)
in System.Web.UI.WebControls.Button.RaisePostBackEvent (String eventArgument)
in System.Web.UI.Page.ProcessRequestMain (Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Here's a confounding factor: I can't reproduce this problem on my local Windows 7 x64 workstation - although my authentication is implicitly passed here since I use localhost - or in the 32-bit IIS 6.0 environment of Windows 2003. This only happens on a fairly vanilla environment Windows 2008 R2 All of these environments are members of a domain.