FileExplorer Synch with Windows Authentication

5 posts, 0 answers
  1. Mahmoud
    Mahmoud avatar
    25 posts
    Member since:
    Sep 2012

    Posted 06 Dec 2014 Link to this post

    Hi,

    I have been asking so long everywhere for this issue . but I didn't get any useful result.

    How can I synch FileExplorer with with Windows Authentication. So when for example (User1) Login in through windows Authentication dialog . 
    FileExplorer should read his Identity and show folder contents based on his granted permissions in the NTFS folder mapped with the control.
    Instead FileExplorer read (ApplicationPool) identity or user assigned to it only . It doesn't seem to work properly with windows user logged in.

    Any Help Please .
    I will be appreciated.
    Thanks
  2. Vessy
    Admin
    Vessy avatar
    1383 posts

    Posted 10 Dec 2014 Link to this post

    Hello Mahmoud,

    When you are using Windows Authentication, then you can enable impersonation for your web site. This way the ASP.NET process (and the FileExplorer control) will access the file system with the current user's credentials. The user will be able to only access/modify resources when they have permissions. This means that in order to access the Windows folders, the application itself has to be granted with the proper access to do so. You can remove the FileExplorer from the page, and test whether the application itself has access to the desired files and folders in the way explained here: Permissions check.

    You can also find useful information in the following online resource: Application Pool Identities.

    Regards,
    Vessy
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  3. UI for ASP.NET Ajax is Ready for VS 2017
  4. Hugh
    Hugh avatar
    10 posts
    Member since:
    Nov 2014

    Posted 10 Dec 2014 in reply to Vessy Link to this post

    Afternoon Vessy,

    I have a similar issue, but these references don't seem to answer it for me.  I have window auth and impersonation enabled in IIS along with folder with security I am using the RadFileExplorer to display.  As expected I get an error on a folder which my logged in user does not have access.  How do I handle the exception and continue. 

    For example I have testUsers1-4 and logging in as test user1 who has access to users 1,2,and 4 should return 3 folders for testUsers1,2, and 4 and simply skipping 3.  Hope this makes sense.  Was pretty simple to do with a standard asp.net treeview.

    I am overriding the FileSystemContentProvider as the documentation has provided but getting a little lost as to how to handle the exception.  Code below.

    protected void Page_Load(object sender, EventArgs e)
    {
    RadXmlExplorer.Configuration.ViewPaths = XML_PATH;
    RadXmlExplorer.OnClientItemSelected = "OnClientItemSelected";
    btSelected.OnClientClicked = "Done";

    #region assign-provider_cs
    RadXmlExplorer.Configuration.ContentProviderTypeName = typeof(ExtendedFileProvider).AssemblyQualifiedName;
    #endregion

    }

    public class ExtendedFileProvider : Telerik.Web.UI.Widgets.FileSystemContentProvider
    {
    //constructor must be present when overriding a base content provider class
    //you can leave it empty
    public ExtendedFileProvider(HttpContext context, string[] searchPatterns, string[] viewPaths, string[] uploadPaths, string[] deletePaths, string selectedUrl, string selectedItemTag)
    : base(context, searchPatterns, viewPaths, uploadPaths, deletePaths, selectedUrl, selectedItemTag)
    {
    }

    public override Telerik.Web.UI.Widgets.DirectoryItem ResolveRootDirectoryAsTree(string path)
    {
    try
    {
    Telerik.Web.UI.Widgets.DirectoryItem baseDirectory = base.ResolveRootDirectoryAsTree(path);
    System.Collections.Generic.List<Telerik.Web.UI.Widgets.DirectoryItem> folders = new System.Collections.Generic.List<Telerik.Web.UI.Widgets.DirectoryItem>();
    foreach (Telerik.Web.UI.Widgets.DirectoryItem folder in baseDirectory.Directories)
    {
    if (CheckReadPermissions(folder.Path))
    {
    folders.Add(folder);
    }
    }

    Telerik.Web.UI.Widgets.DirectoryItem newDirectory = new Telerik.Web.UI.Widgets.DirectoryItem(baseDirectory.Name, baseDirectory.Location, baseDirectory.FullPath, baseDirectory.Tag, baseDirectory.Permissions, null, baseDirectory.Directories);

    //return the updated directory information
    return newDirectory;
    }
    catch (Exception ex)
    {
    System.IO.File.AppendAllText(@"C:\inetpub\wwwroot\RAVN_FMEC2\logs\RavnHost.txt", ex.Message + "\n");
    }
    // return the updated directory information
    return null;
    }

    Appreciate your help.  my customer number is BX2225117
  5. Hugh
    Hugh avatar
    10 posts
    Member since:
    Nov 2014

    Posted 10 Dec 2014 in reply to Vessy Link to this post

    Afternoon Vessey,I have a similar issue.  I have Windows authentication and impersonation enabled in IIS which is working as expected, then i have folder which have security applied from local windows.  As the logged in user does not have access to all folders an exception is thrown as expected on the 1st folder that in which access is denied.

    How do I trap the error and continue to add remaining forlder to the RadFileExplorer. 

    As you can see i have overridden the FileSystemContentProvider and loop through all the folders figuring that is where i needed to check for security, but does not seem to be so.  After checking for read permission and adding to folders, the error show up when creating the directory item.
    A little confused how this works, was pretty simple with the asp.net treeview control, this is jsut a little different.My customer number is BX2225117.I appreciate your help resolving this matter. 
    Thanks, Steve.

           protected void Page_Load(object sender, EventArgs e)
            {
                RadXmlExplorer.Configuration.ViewPaths = XML_PATH;
                RadXmlExplorer.OnClientItemSelected = "OnClientItemSelected";
                btSelected.OnClientClicked = "Done";            #region assign-provider_cs
                RadXmlExplorer.Configuration.ContentProviderTypeName = typeof(ExtendedFileProvider).AssemblyQualifiedName;
                #endregion        }        public class ExtendedFileProvider : Telerik.Web.UI.Widgets.FileSystemContentProvider
            {
                //constructor must be present when overriding a base content provider class
                //you can leave it empty
                public ExtendedFileProvider(HttpContext context, string[] searchPatterns, string[] viewPaths, string[] uploadPaths, string[] deletePaths, string selectedUrl, string selectedItemTag)
                    : base(context, searchPatterns, viewPaths, uploadPaths, deletePaths, selectedUrl, selectedItemTag)
                {
                }            public override Telerik.Web.UI.Widgets.DirectoryItem ResolveRootDirectoryAsTree(string path)
                {
                    try
                    {
                        Telerik.Web.UI.Widgets.DirectoryItem baseDirectory = base.ResolveRootDirectoryAsTree(path);
                        System.Collections.Generic.List<Telerik.Web.UI.Widgets.DirectoryItem> folders = new System.Collections.Generic.List<Telerik.Web.UI.Widgets.DirectoryItem>();
                        foreach (Telerik.Web.UI.Widgets.DirectoryItem folder in baseDirectory.Directories)
                        {
                            if (CheckReadPermissions(folder.Path))
                            {
                                folders.Add(folder);
                            }
                        }                    Telerik.Web.UI.Widgets.DirectoryItem newDirectory = new Telerik.Web.UI.Widgets.DirectoryItem(baseDirectory.Name, baseDirectory.Location, baseDirectory.FullPath, baseDirectory.Tag, baseDirectory.Permissions, null, baseDirectory.Directories);                    //return the updated directory information
                        return newDirectory;
                    }
                    catch (Exception ex)
                    {
                        System.IO.File.AppendAllText(@"C:\inetpub\wwwroot\RAVN_FMEC2\logs\RavnHost.txt", ex.Message + "\n");
                    }
                    //    return the updated directory information
                    return null;
                }
  6. Vessy
    Admin
    Vessy avatar
    1383 posts

    Posted 12 Dec 2014 Link to this post

    Hi Steve,

    I have just answered your support ticket on the subject - for convenience I will post my answer here as well:

    For some reason the attached file did not make it through. Nevertheless, below you can see my comments concerning the code snippet provided in this forum thread:
    • The built-in CheckReadPermissions method check whether the current folder is a subfolder of (or equal to) some of the paths set to the FileExplorer's ViewPaths property. It does not check the folder permissions of the current user but only the permissions given to the control. You can implement your own CheckReadPermissions() method trying to get the content directories of the current folder and list it on success.
    • I noticed that you are returning the content of the original folder in the ResultDirectoryAsTree() method - you should change it in order to return only the accessible folders.

    Below you can find a sample implementation of the above described approach. Feel free to modify it in order to fit your scenario best:

    public class ExtendedFileProvider : Telerik.Web.UI.Widgets.FileSystemContentProvider
    {
        //constructor must be present when overriding a base content provider class
        //you can leave it empty
        public ExtendedFileProvider(HttpContext context, string[] searchPatterns, string[] viewPaths, string[] uploadPaths, string[] deletePaths, string selectedUrl, string selectedItemTag)
            : base(context, searchPatterns, viewPaths, uploadPaths, deletePaths, selectedUrl, selectedItemTag)
        {
        }
        public override Telerik.Web.UI.Widgets.DirectoryItem ResolveRootDirectoryAsTree(string path)
        {
            DirectoryItem baseDirectory = base.ResolveRootDirectoryAsTree(path);
            List<DirectoryItem> folders = new List<DirectoryItem>();
            foreach (DirectoryItem folder in baseDirectory.Directories)
            {
     
                if (CheckReadPermissions(Context.Server.MapPath(folder.Path)))
                {
                    folders.Add(folder);
                }
            } DirectoryItem newDirectory = new DirectoryItem(
                                            baseDirectory.Name,
                                            baseDirectory.Location,
                                            baseDirectory.FullPath,
                                            baseDirectory.Tag,
                                            baseDirectory.Permissions,
                                            null,
                                            folders.ToArray());
            //return the updated directory information
            return newDirectory;
        }
     
        private bool CheckReadPermissions(string path)
        {
            try
            {
                DirectoryInfo di = new DirectoryInfo(path);
                DirectoryInfo[] dirs = di.GetDirectories();
                return true;
            }
            catch (Exception ex)
            {
                System.IO.File.AppendAllText(@"C:\Logs\Logs.txt", ex.Message + "\n");
                return false;
            }
        }
    }

    I hope this solution will be helpful for you.


    Regards,
    Vessy
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
Back to Top
UI for ASP.NET Ajax is Ready for VS 2017