You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cli-dev@httpd.apache.org by Adrian Wilkins <ad...@gmail.com> on 2005/11/04 13:59:29 UTC
NTLM authentication using mod_auth_sspi fails
Using mod_auth_sspi results in an exception in the WindowsIdentity class.
The user token is being sourced from the
System.Web.Hosting.SimpleWorkerRequest class which returns a null
pointer from the GetUserToken() method.
The ISAPIWorkerRequestInProc and ISAPIWorkerRequestOutOfProc classes
(same namespace) may or may not be appropriate replacements. Or
perhaps use the aspnet_isapi.dll methods EcbGetImpersonationToken or
PMGetImpersonationToken (in and out of process calls, repectively),
which are exposed also by the System.Web.UnsafeNativeMethods class.
Would just like to be able to avoid having to school my users in yet
another user/password combo, and just stick with NTLM as it's what
they are used to for their Subversion repo and Trac.
# Exception stack trace
[ArgumentException: Token cannot be zero.]
System.Security.Principal.WindowsIdentity.CreateFromToken(IntPtr
userToken, String type, Boolean bClose) +145
System.Security.Principal.WindowsIdentity..ctor(IntPtr userToken,
String type, WindowsAccountType acctType, Boolean isAuthenticated) +38
System.Web.Security.WindowsAuthenticationModule.OnEnter(Object
source, EventArgs eventArgs) +372
System.Web.SyncEventExecutionStep.System.Web.HttpApplication+IExecutionStep.Execute()
+51
System.Web.HttpApplication.ExecuteStep(IExecutionStep step,
Boolean& completedSynchronously) +87
## httpd.conf
#asp.net
#AspNetVersion v1.1.4322
LoadModule aspdotnet_module "modules/mod_aspdotnet.so"
AddHandler asp.net asax ascx ashx asmx aspx axd config cs csproj licx
rem resources resx soap vb vbproj vsdisco webinfo
<IfModule mod_aspdotnet.cpp>
# Mount the ASP.NET /asp application
AspNetMount /arty "d:/www/localhost/htdocs/arty"
#/SampleASP is the alias name for asp.net to execute
#"c:/SampleASP" is the actual execution of files/folders in that location
# Map all requests for /asp to the application files
Alias /arty "d:/www/localhost/htdocs/arty"
#maps /SampleASP request to "c:/SampleASP"
#now to get to the /SampleASP type http://localhost/SampleASP
#It'll redirect http://localhost/SampleASP to "c:/SampleASP"
# Allow asp.net scripts to be executed in the /SampleASP example
<Directory "d:/www/localhost/htdocs/arty">
Options FollowSymlinks ExecCGI
Order allow,deny
AuthType SSPI
AuthName "aspx"
SSPIAuth On
SSPIAuthoritative On
SSPIOfferBasic On
require valid-user
Allow from all
DirectoryIndex index.htm index.aspx
#default the index page to .htm and .aspx
</Directory>
# For all virtual ASP.NET webs, we need the aspnet_client files
# to serve the client-side helper scripts.
AliasMatch /aspnet_client/system_web/(\d+)_(\d+)_(\d+)_(\d+)/(.*) \
"C:/Windows/Microsoft.NET/Framework/v$1.$2.$3/ASP.NETClientFiles/$4"
<Directory \
"C:/Windows/Microsoft.NET/Framework/v*/ASP.NETClientFiles">
Options FollowSymlinks
Order allow,deny
Allow from all
</Directory>
</IfModule>
#asp.net