调用AzMan对象的initialize方法会导致FileNotFoundException [英] Calling initialize method of AzMan object causes FileNotFoundException
问题描述
我有一个WCF服务,该服务具有继承System.Web.Security.RoleProvider的类.在本课程中,我使用授权管理器(AzMan)-使用AzRoles.dll-进行角色管理.
I have A WCF service that has a class that inherits System.Web.Security.RoleProvider. In this class I use Authorization Manager (AzMan) - using AzRoles.dll - for role management.
身份验证位于ADAM实例中.
Authentication is in an ADAM instance.
我的服务在加载时遇到了麻烦,似乎我需要更改服务,以便每次调用都打开和关闭AzMan存储-否则将不会释放对象,最终应用程序池将崩溃-至少这似乎正在发生-我无法确认这100%.
I have been having trouble with my service under load and it seemed like I need to change the service so that the AzMan store was opened and closed for each call - otherwise objects were not being released and eventually the app pool would crash - at least that is what seems to be going on - I have been unable to confirm this 100%.
在原始代码中,AzMan存储库是通过覆盖的Initialize方法初始化的,如下所示:
In the original code the AzMan store was initialized in the overridden Initialize method like this:
public class AzManProvider : RoleProvider {
.
.
.
public override void Initialize( string name, System.Collections.Specialized.NameValueCollection config ) {
base.Initialize( name, config );
if ( config != null ) {
string appName = null;
string connStr = null;
foreach ( string k in config.Keys ) {
string key = k.ToLower().Trim();
string value = config[k];
if ( key == "applicationName".ToLower() ) {
appName = value;
} else if ( key == "connectionStringName".ToLower() ) {
connStr = ConfigurationManager.ConnectionStrings[value].ConnectionString;
}
}
if ( connStr.IsEmpty() )
throw new ArgumentNullException( "connectionStringName" );
CurrentApplicationName = appName;
m_azManStore = new AzAuthorizationStoreClass();
try {
m_azManStore.Initialize( 0, connStr, null );
} catch ( Exception ex ) {
throw ex;
}
}
}
.
.
.
}
我不确定何时准确调用此方法.如果在VS中运行它并设置一个断点,它将永远不会命中.通过在本节的web.config中设置对它的引用来实例化该类.
I am not sure when this method is called exactly. If you run it in VS and put a break point, it will never hit. This class is instantiated by setting a reference to it in the web.config in the section.
经过大量研究,我发现了博客文章一种将AzMan商店包装为一次性类的方法-足够容易.我创建了一个实现IDisposable的类:
After doing a lot of research I came across this blog post that suggested a way to wrap the AzMan store in a disposable class - easy enough. I created a class that implements IDisposable:
public class AzManHelper : IDisposable
{
public IAzAuthorizationStore Store { get; private set; }
public IAzApplication Application { get; private set; }
public AzManHelper(string appName)
{
string connStr = ConfigurationManager.ConnectionStrings["AzMan"].ConnectionString;
try
{
this.Store = new AzAuthorizationStoreClass();
this.Store.Initialize(0, connStr, null); //<-- Exception occurs here
this.Store.UpdateCache(null);
if (!String.IsNullOrEmpty(appName))
this.Application = this.Store.OpenApplication(appName, null);
}
catch (COMException cex)
{
HandleCOMException(cex);
}
}
public void Dispose()
{
if (this.Application == null)
return;
Marshal.FinalReleaseComObject(this.Application);
if(this.Store != null)
Marshal.FinalReleaseComObject(this.Store);
this.Application = null;
this.Store = null;
}
}
现在,当我运行这段代码时,当调用AzMan存储上的Initialize方法时,我得到一个FileNotFoundException.我已确认连接字符串正确.
Now, when I run this code I get a FileNotFoundException when the Initialize method on the AzMan store is called. I have confirmed that the connection string is correct.
尤其令人沮丧的是,如果我在VS 2010中本地运行此代码,则该代码将起作用,但是如果将其部署并作为WCF服务运行,则即使用户ID和LDAP连接字符串相同,也会出现我提到的错误.
What is especially frustrating is that this code will work if i run it locally within VS 2010 but if I deploy it and run it as a WCF service I get the error I mentioned eventhough the userID and LDAP connect string are the same.
我阅读了此博客文章和已发布的文章
然后,我认为也许无论IIS App池正在运行的时候都运行initialize方法,而外部的代码都以被授权的用户身份运行.因此,使用一个由同事编写的特殊类,我在调用AzMan初始化方法时关闭了模拟.我确认该用户是NETWORK SERVICE,但是我仍然收到相同的FileNotFoundException.我一直在与IT人员一起尝试不同的权限设置,但到目前为止还算不上成功.
I then thought that maybe the initialize method is being run as whatever the IIS App pool is running as and the code outside of that is run as the imperonated user. So, using a special class that a collegue wrote, I turned off impersonation when calling the AzMan intialize method. I confirmed that the user was NETWORK SERVICE but I STILL get the same FileNotFoundException. I have been working with out IT guys to try different permission settings but so far no luck.
有人对我为什么收到此错误有任何想法吗?我应该查看什么权限?
Does anybody have any idea as to why I am getting this error? What permissions should I be looking at?
也许我使用AzMan的方法是错误的-我的体系结构是否存在缺陷(除了我正在使用AzMan的事实?)
Perhaps my approach to using AzMan is wrong - is my architecture flawed (besides the fact that I am using AzMan?)
推荐答案
我发现了我的问题.我的WCF服务托管在IIS中. web.config文件中包含一个标记.模拟是针对运行该服务的服务帐户.当WCF服务托管在IIS中时,将使用ASP.NET来启动该服务,仅此而已.因此,当应用程序启动时,AzManProvider类由ASP初始化,因此模拟已完成.在实例化类时调用Initialize方法.服务帐户有权打开AzMan.调用WCF服务不会使用web.config中的任何ASP配置.因此,服务调用在应用程序池的身份-网络服务下运行.为了解决这个问题,我们将应用程序池标识更改为以服务帐户身份运行-并从web.config中删除了该标记.现在,一切正常.
I figured out my problem. My WCF service is hosted in IIS. The web.config file had an tag in it. The impersonation was for a service account that the service was to run as. When a WCF service is hosted in IIS the ASP.NET is used to launch the service but that's it. So, when the app started up the AzManProvider class was initialized by ASP so the impersonation was being done. The Initialize method is called at the time the class is instantiated. The servcice account has rights to open AzMan. Calls to the WCF service do not use any of the ASP condifuration settings in web.config. So, the service calls run under the identity of the application pool - NETWORK SERVICE. To fix this, we changed the app pool identity to run as the service account - and removed the tag from the web.config. Now, everything works.
我不明白为什么没有安全权限会引发FileNotFound异常.
I don't understand why not having security permissions would throw a FileNotFound exception.
这篇关于调用AzMan对象的initialize方法会导致FileNotFoundException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
