I have a requirement to write a WCF service that will be called from MS Excel using the Service Moniker from VBA code. So far that part I have figured out.
I also have impersonation working so that if I were to return the current user from a web method it will return my username and not IIS\DefaultAppPool or whatever IIS is running as...
So here is my issue. I have a third-party dll "CyberArk Password Management if anyone is interested" where I create a PWD object, set some parameters and then call a method named Getpassword. Now I can call the method but I always get an authentication failure. If I dig into the logs of the CyberArk agent that I have running, it seems that even though I am using impersonation, the dll method is still being called as IIS\DefaultAppPool.
Here are a few snippets...
Impersonation is turned on at the method Level
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
A call to this method returns my Domain and User name as I would expect
WindowsIdentity.GetCurrent().Name
But this line is being called as IIS\DefaultAppPool
password = PasswordSDK.GetPassword(passRequest);
I have tried doing impersonation in code rather than using the annotation, I have also tried an Impersonation object with a using block, and nothing seems to work, so here is what I am thinking.
The dll somehow does not allow me to impersonate the caller for security reasons
It may be the .NET framework not allowing this again for security reasons
I have no clue and would love some help :-)
You can self-host the application instead of using IIS to host. Then the service will be running in a process that is already running as the current user.
(If this is an option)
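
A minimal self-hosted version of the idea in the answer above, as an added example that is not part of the original thread or of any vendor code. The contract name `IVaultProxy`, the class `VaultProxy`, the `net.tcp` address and the choice of `NetTcpBinding` are assumptions, and metadata publishing for the Excel moniker is left out. Because a self-hosted process does everything with the launching user's rights, the operation refuses callers other than that user.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;

[ServiceContract]
public interface IVaultProxy            // hypothetical contract name
{
    [OperationContract]
    string WhoRunsTheCall();
}

public class VaultProxy : IVaultProxy   // hypothetical service class
{
    public string WhoRunsTheCall()
    {
        // Caller as authenticated by WCF; no impersonation is requested here.
        WindowsIdentity caller = ServiceSecurityContext.Current.WindowsIdentity;

        // With no impersonation active this is the process token, i.e. the
        // account that started the host.
        using (WindowsIdentity process = WindowsIdentity.GetCurrent())
        {
            // The process acts with its owner's rights for every caller,
            // so only the owner is allowed through.
            if (!caller.User.Equals(process.User))
                throw new FaultException("Caller is not the account hosting the service.");

            // The third-party call from the question would go here:
            // password = PasswordSDK.GetPassword(passRequest);
            return "caller=" + caller.Name + "; process=" + process.Name;
        }
    }
}

public static class Program
{
    public static void Main()
    {
        // Assumed address; NetTcpBinding defaults to Windows transport security.
        var address = new Uri("net.tcp://localhost:9000/VaultProxy");
        var host = new ServiceHost(typeof(VaultProxy), address);
        host.AddServiceEndpoint(typeof(IVaultProxy), new NetTcpBinding(), "");
        host.Open();
        Console.WriteLine("Listening as " + WindowsIdentity.GetCurrent().Name);
        Console.ReadLine();             // keep the host alive until Enter
        host.Close();
    }
}
```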