Microsoft KB Archive/318038

= ASP.NET impersonation feature does not apply to certain methods on custom SoapExtensions and SoapExtensionAttributes in Web Services =

Article ID: 318038

Article Last Modified on 5/12/2004

-

APPLIES TO


 * Microsoft Web Services Enhancements for Microsoft .NET 2.0
 * Microsoft Web Services Enhancements for Microsoft .NET 1.1

-



This article was previously published under Q318038



SUMMARY
The Microsoft ASP.NET Web services SoapExtension feature permits you to write a class that you can use to hook into WebMethod request processing and into WebMethod response processing to perform logging encryption, signing, and other actions. If you have configured impersonation for your Web Service, some calls that are made to this class that you have written occur outside the impersonation context.



MORE INFORMATION
Calls to the ChainStream method and to the ProcessMessage method of the SoapExtension feature occur in the impersonation context as the impersonated user. However, calls to the Initialize method and to the GetInitializer method of the SoapExtension feature and calls to the properties of a SoapExtensionAttribute derived class occur outside the impersonation context as the ASP.NET user. Calls to the GetInitializer method, to the Initialize method, and to the SoapExtensionAttribute derived class occur before the impersonation context starts. Calls to the ChainStream method and to the ProcessMessage method occur after impersonation occurs.

Put any SoapExtension code that requires the impersonation context to be active in the ChainStream method or in the ProcessMessage method of the SoapExtension feature. For example, resources that you want to access as the impersonated user, such as files with access restrictions, must be used in the impersonation context.

The following table contains the identities that the method calls are made under in an impersonation scenario:

