Security Context of ANPOP POP3 component, POP3 control, POP3 ocx, POP3 activex, POP3 com object, vb, asp, vc

ANPOP Developers Center > Programming with Security Context

Always failed in creating mailbox, saving email and attachment with ASP/ASP.NET

It is a common problem with ASP/ASP.NET developer who is using POPMSG or MSGSTORE object. The reason for the failure is likely that the current POPMSG or MSGSTORE object doesn't have enough permission to write in specified directory.

Why no permission?

When IIS processes an anonymous request, it assigns security token to the current Input/Output thread so that the current .asp is running as IUSER_MACHINE user. In general, when an .asp file creates an instance of component, the component will inherit the security context of the .asp file. Therefore, the default security context of component created in .asp is based on IUSER_MACHINE user. This user doesn't belong to administrators group of your machine/domain and hence it has lower permission to access file system. That's why your tasks always fail when you use POPMSG or MSGSTORE object to access file resource in ASP/ASP.NET.

Run ASP/ASP.NET with the security context of administrator

Both POPMSG and MSGSTORE provide two methods: ImpersonateUser and RevertToSelf. ImpersonateUser method changes the security context of current thread to specified user and RevertToSelf method returns the security context of current thread to original user. With these 2 methods, you can run ASP/ASP.NET under security context of administrator.

Code Examples

[ASP/VBScript]
Dim oMsg
Dim user, password

oMsg = Server.CreateObject("ANPOP.POPMSG")
user = "administrator"
password = "ad1234"

If oMsg.ImpersonateUser( user, password, "" ) = 0 Then 'logon this user
  Response.Write "Impersonate user succeeded"
Else
  Response.Write "Impersonate user failed"
End If

oMsg.RevertToSelf 'log off this user and run oMsg with original user

[ASP.NET/Visual Basic]
Dim oMsg As ANPOPLib.POPMSGClass()
oMsg = Server.CreateObject("ANPOP.POPMSG")

Dim user, password As String
user = "administrator"
password = "ad1234"

If oMsg.ImpersonateUser( user, password, vbNullString ) = 0 Then 'logon this user
  Response.Write( "Impersonate user succeeded" )
Else
  Response.Write( "Impersonate user failed" )
End If

oMsg.RevertToSelf() 'log off this user and run oMsg with original user

[ASP.NET/C#]					
ANPOPLib.POPMSGClass oMsg = 
             (ANPOPLib.POPMSGClass)Server.CreateObject("ANPOP.POPMSG");
string user = "administrator", password = "ad1234";

if( oMsg.ImpersonateUser( user, password, null ) == 0 ) //logon this user
  Response.Write( "Impersonate user succeeded" );
else
  Response.Write( "Impersonate user failed" );
  
oMsg.RevertToSelf(); //log off this user and run oMsg with original user

Issue on NT/2000

ImpersonateUser method may fail on Windows NT/2000. In this case, you should assign administrator and IUSER_MACHINE user the right "Act as part of the operating system" in "Administrative Tools" -> "local security policy" -> "Local Policies" -> "User Rights Assignment". Note: you need to reboot your machine or logoff current user to take effect.

Other solutions

You can also set ANPOP as COM+ application in "Administrative Tools" -> "Component Service", and specify the administrator security context to it.

If you do not want to use the solutions above, here is the last solution: Assign everyone control to the folder which ANPOP would access, it is just that simple.

Free Email Support

Not enough? Please contact our technical support team.

Support@EmailArchitect.NET
VIP@EmailArchitect.NET(Registered User)

Remarks
We usually reply emails in 24hours. The reason for getting no response is likely that your smtp server bounced our reply. In this case, please try to use another email address to contact us. Your Hotmail or Yahoo email account is recommended.