tags:

views:

76

answers:

1
Q: 

IHttpAsyncHandler causes UnathorizedAccessException

Hey fellow geeks,

For the last couple of days of my X-mas holidays, I have been struggling with an UnathorizedAccessException when trying to READ a XML file on a remote share through my ASP.NET application using an implementation of the IHttpAsyncHandler a long with the IRequiresSessionState.

After much headache, and concluding that the code OUTSIDE the handler worked flawlessly (see: access granted), I thought it might be some threading issue, so I changed the IHttpAsyncHandler to IHttpHandler, and the problem disappears.

What is troubling me here is, that for test purposes, I did not actually make use if the IHttpAsyncHandler implementation (hence, I did not use BeginProcessRequest and EndProcessRequest - only the sync. version, ProcessRequest.

Can anyone try to explain the issue at hand?

There are some beneficial matters in using the handler asynchronously, as I could pre-cache the values to be delivered later in the application, but for that to work, I have to get pass the security issues that seems to only manifest when implementing the IHttpAsyncHandler.

Thanks in advance for your kind help - and happy holidays :-)

A: 

The ASP.NET infrastructure calls an async handler differently (regardless if the impl is truly async). Is it possible that you were relying on impersonation to access the network resource? My guess would be that the necessary WindowsIdentity didn't flow to the threadpool thread that actually handled the request (I've never tried using impersonation + async handler, but I've gotten nailed with other thread state flow issues in the past).

Regardless, a true async handler is expensive to implement correctly. Unless you're building on top of a lot of other async infrastructure (async file i/o, async DB client, etc), it doesn't do you any good (in fact, even in the best cases, async handlers hurt raw performance). I'd look to see if your performance needs really justify the extra hassle and overhead of an async handler (eg, you need to service many more concurrent requests than threads in the process, etc).

nitzmahone  2009-12-23 03:52:26
Thank you for the answer.The challenge at hand is, that I need to lookup some possible external URI's on a HEAD level to resolve some information about those. This in a synchronously matter can take to long to process, why I was thinking about the async aproach.I might have to think out-of-the-box if the benefits is less compared to the time implementing it.I do not to any sorts of impersonation; for now i rely on the settings applied to the AppPool, where the default is ApplicationPoolIdentity.
Michael Mortensen  2009-12-23 13:55:09

related questions

Change .NET Framework version of application pool to 3.5?
How can I determine the number of users on an ASP.NET site (IIS)? And their info?
Hitting Webservice on Different Subnet
WebResource.asd giving 403 error in ASP.Net Post backs using IIS7
How do you Install a SSL Certificate
Can IIS7 be installed on XP?
Is IIS7 migration a piece of cake
Posting forms to a 404 + HttpHandler in IIS7: why has all POST data gone missing?
WAS hosting vs. Windows Service hosting
How do I fix 404.17 error on Win Server 2k8 and IIS7
Force IIS7 to suggest downloading *.exe files in "Local intranet" zone
Sending 'application/javascript' MIME t Type Header Causes 500 Error with PHP5 & IIS7
How to configure IIS7 to allow zip file uploads using classic asp?
What is the worker process for IIS7?
IIS Integrated Request Processing Pipeline -- Modify Request
How to setup GIT bare HTTP-available repository on IIS-machine
What is the ASP.NET process for IIS 7.0?
IIS7: HTTP->HTTPS Cleanly
URL Rewrite Module for IIS 7
ASP.NET Forms Authorization
Does CruiseControl.NET run on IIS 7.0?
How do I get PHP and MySQL working on IIS 7.0 ?
Convert an asp.net application to IIS7 integrated mode
Impersonation in IIS 7.0
How do I stop IIS7 dropping my cookies?