0

this is next step after How to run wpf(c#) application by service account and integrated security

I created impersonation successfully, but i am getting some really strange error.

Let me explain situation:

  • My app is WPF
  • I have 2 users, my local account (localUser) and service account (saUser).
  • I am using Frame.Navigate() function to show diferent modules in my frame
  • I open app with localuser and then impersonate saUser

When i run my app with localUser it works OK (with local admin rights and without) When i run my app with saUser i am getting this error, no mather if saUser is local admin or not, and the funniest thing is i get error when Navigate(...) is called 2nd time!, first time it works normal... :)

Requested registry access is not allowed.

stackTrace:
   at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)
   at System.Windows.Application.GetSystemSound(String soundName)
   at System.Windows.Application.PlaySound(String soundName)
   at System.Windows.Application.FireNavigating(NavigatingCancelEventArgs e, Boolean isInitialNavigation)
   at System.Windows.Navigation.NavigationService.FireNavigating(Uri source, Object bp, Object navState, WebRequest request)
   at System.Windows.Navigation.NavigationService.HandleNavigating(Uri source, Object content, Object navState, WebRequest newRequest, Boolean navigateOnSourceChanged)
   at System.Windows.Navigation.NavigationService.Navigate(Uri source, Object navigationState, Boolean sandboxExternalContent, Boolean navigateOnSourceChanged)
   at System.Windows.Navigation.NavigationService.Refresh()
   at MyApp.MyNavigation.Navigate(Module modul, Boolean reverse) -> my function

Guyz help, any suggestions? i don't know what is going on... If i wasn't clear enough ask me...

EDIT: I am adding some code like asked, just small peace of it where error happens:

I have public static class for navigation
MainWindow mainWin = Application.Current.Windows.Cast<Window>().FirstOrDefault(window => window is MainWindow) as MainWindow;
current <- currentlly selected module
mainFrame <- frame that is showing all pages

// if current module if already selected refresh frame content
if (current.Link == mainWin.mainFrame.NavigationService.CurrentSource.ToString()) mainWin.mainFrame.Refresh();
// else show page content in frame
else mainWin.mainFrame.NavigationService.Navigate(new Uri(current.acLink, UriKind.Relative));

Error happens on Refresh() and Navigate().

Community
  • 1
  • 1
lanicor
  • 262
  • 1
  • 4
  • 11
  • could you please post some code? that error usually happens when working with the windows registry... – Gonzix Jan 22 '14 at 08:29
  • 2
    Why are you impersonating a system user to run a GUI? Looks like the account doesn't have some basic permissions to read registry (and probably correctly). You should use the system account for some background work, system services, etc., and also only when you really really need to. – Grzenio Jan 22 '14 at 08:43
  • yes error suggests that i have error when accessing registry, but both accounts are local admins so they have full access to registry, even more, my localUser works well even when not local admin.. – lanicor Jan 22 '14 at 08:56
  • Grzenio you are right i will change my code to impersonate service account only when needed... My app is distributed to our company users via Click Once and we have service account, so that users don't have to have some huge rights everywhere, but that they work in name of service account (db, network drives etc.) and i wanted to impersonate acc in beginning and run whole app with it but i see that i will have problems with that... – lanicor Jan 22 '14 at 09:00

1 Answers1

0

I am facing same issue. Is there any solution to this? There is an article related to how to access HKCU reg key, however it applies to code owned by us & not applicable to for WPF since its code is owned by Microsoft.

[Edit] My observation is that if WPF user control/Window is initialized prior to impersonation then later on after impersonation there is no issue about how many times they get created; no error is thrown. Can this be done as a workaround?.

Community
  • 1
  • 1
Vaibhav Gawali
  • 119
  • 1
  • 8