ASP.net core Impersonate user - Could not load file or assembly 'Dapper'

0

I'm hoping someone can point me in the right direction for this. I've been stuck on it for over a day now.

Goal

I want to allow my API to execute SQL queries as a different user than the one assigned to the API pool.

Ideally I would also like to avoid requiring the user's password (I'm not entirely sure if this is possible but the impersonation seems to be valid with the current way I'm doing it)

Problem

I've tried a few different methods to obtain a ClaimsIdentity and call WindowsIdentity.RunImpersonated and it seems to work fine until I try to access the SQL database using dapper. I get the following exception Could not load file or assembly 'Dapper, Version=1.60.0.0, Culture=neutral, PublicKeyToken=null'. Exception from HRESULT: 0x80070542.

My code looks like this (I know it isn't secure in any way. I'm just wanting to get a proof of concept together before moving forward with this project)

[HttpGet]
public ActionResult<IEnumerable<string>> Get( [FromServices] IDomainService service)
{
    string identity = "someuser@MYDOMAIN.COM";

    WindowsIdentity wi = new WindowsIdentity(identity);

    IEnumerable<string> result = new List<string>();
    WindowsIdentity.RunImpersonated( wi.AccessToken, () => {
        service.TestCall();
    });
    return Ok(result);
}

service.TestCall()

public IEnumerable<string> TestCall()
{
    return repository.TestQuery();
}

And lastly the repository

public class TestRepository : ITestRepository
{
    private string connectionString;

    private IDbConnection Connection
    {
        get
        {
            return new SqlConnection(connectionString);
        }
    }

    public TestRepository(string connectionString)
    {
        this.connectionString = connectionString;
    }

    public IEnumerable<string> TestQuery()
    {
        using(var connection = Connection)
        {
            return connection.Query<string>(@"SELECT TOP 1000 TestField From TestTable");
        }
    }
}

If anyone could provide some insight into why this isn't working, I would be eternally grateful. My assumption is that it is either permissions related or that the impersonation isn't being done properly.

Thanks for taking the time to read this!

asp.net-core
asp.net-web-api
.net-core
impersonation
asked on Stack Overflow Jul 8, 2019 by abaga129

0 Answers

Nobody has answered this question yet.

User contributions licensed under CC BY-SA 3.0