Giters

dotnet / ef6

This is the codebase for Entity Framework 6 (previously maintained at https://entityframework.codeplex.com). Entity Framework Core is maintained at https://github.com/dotnet/efcore.

Home Page:https://docs.microsoft.com/ef/ef6

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Creating DB context as impersonated user causes UnauthorizedAccessException - EF 6.4.4

knappema opened this issue · comments

commented

I started an application as lokal user (UserA). The DBContext will be created as different user (Domain UserB) using an impersonation context:

using (windowsIdentity.Impersonate())
using (var dbContext = new MyEntityFrameworkContainer())
{
    ...
}

Creating the DBContext throws an exception that the user.config file (of UserB) cannot be read.

System.TypeInitializationException: The type initializer for 'System.Data.Entity.Internal.AppConfig' threw an exception. ---> System.Configuration.ConfigurationErrorsException: Configuration system failed to initialize ---> System.Configuration.ConfigurationErrorsException: An error occurred loading a configuration file: Access to the path 'C:\Users\UserB\AppData\Local\<appName>\0.0.0.0\user.config' is denied. (C:\Users\UserB\AppData\Local\<appName>\0.0.0.0\user.config) ---> System.UnauthorizedAccessException: Access to the path 'C:\Users\UserB\AppData\Local\<appName>\0.0.0.0\user.config' is denied.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
   at System.Configuration.Internal.InternalConfigHost.StaticOpenStreamForRead(String streamName)
   at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.OpenStreamForRead(String streamName, Boolean assertPermissions)
   at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.OpenStreamForRead(String streamName)
   at System.Configuration.ClientConfigurationHost.OpenStreamForRead(String streamName)
   at System.Configuration.BaseConfigurationRecord.InitConfigFromFile()
   --- End of inner exception stack trace ---
   at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal)
   at System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(ConfigurationSchemaErrors schemaErrors)
   at System.Configuration.BaseConfigurationRecord.ThrowIfInitErrors()
   at System.Configuration.ClientConfigurationSystem.OnConfigRemoved(Object sender, InternalConfigEventArgs e)
   --- End of inner exception stack trace ---
   at System.Configuration.ClientConfigurationSystem.OnConfigRemoved(Object sender, InternalConfigEventArgs e)
   at System.Configuration.Internal.InternalConfigRoot.OnConfigRemoved(InternalConfigEventArgs e)
   at System.Configuration.Internal.InternalConfigRoot.RemoveConfigImpl(String configPath, BaseConfigurationRecord configRecord)
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject)
   at System.Configuration.BaseConfigurationRecord.GetSection(String configKey)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String sectionName)
   at System.Configuration.ConfigurationManager.GetSection(String sectionName)
   at System.Data.Entity.Internal.AppConfig..ctor()
   at System.Data.Entity.Internal.AppConfig..cctor()
   --- End of inner exception stack trace ---
   at System.Data.Entity.Internal.AppConfig.get_DefaultInstance()
   at System.Data.Entity.Internal.LazyInternalConnection..ctor(DbContext context, String nameOrConnectionString)
   at System.Data.Entity.DbContext..ctor(String nameOrConnectionString)

So, the file access might no run within the impersonation context.

EF version: EF6 (6.4.4)
Database Provider: SqlServer
Operating system: Win10
IDE: Visual Studio 2019

commented

Just an observation - it looks like this could be because UserB has no local profile on the machine... You may need to do something like load the local profile (and unload it again) as part of your impersonation.
Alternatively, look at something like loading the configuration only as the machine/exe configuration, get the connection string information, and manually open the connection and pass that in, instead of the connection name.
HTH

commented

Hi CZEMacLeod, I checked that the profile of UserB is on the machine and tested that the impersonation is working with UserB.
I tried to open an impersonated SqlConnection and passed this to my DBContext: This worked for me
Thanks for your advise