In IIS, I have a web service which runs under an application pool which has the identity of a user that has access to a drive on a remote machine. In this way, when the web service runs and it tries access the remote machine to read a file, we do not get any invalid authorization errors.
I have now written my first Node.js app but I am not sure how to allow access to a file stream from the app to the remote machine. I have the unc path name to the remote machine's file I want to read but I am not sure if I have to pass in the credentials of the user to access the file or I have to run the Node.js app under certain credentials.
Any clues?
I know there is node for IIS, but is there another way of doing this without IIS.
Update:
Just ran my app under my user account and this account is configured to allow access to a remote machine and I have access to the remote machine without changing my code (in other words just using the Unc path directly). However, how can I do this using another user's credentials (i.e. impersonation in Node.js?)
Double-click the name of the computer from which the folder you want to open is being shared. Select a folder. Double-click the folder you want to open. Enter a username and password if prompted.
chdir() method is used for changing the current directory of the Node. js process. It will throw an exception if any error occurs or the process fails, but will not return any response on success. For Example: It can fail when the specified directory does not exist.
Begin by creating the object from the fs module you will use in your program: const fs = require('fs'); Now that you have required the module and have it in an object called fs you can access all its methods. The one we are going to access in this occassion is the one mentioned earlier: writeFile().
Node does not handle impersonation like .NET applications do, since NodeJS is not Windows specific, so it does not know about the windows way of handling rights and elevation.
But that is not a problem. I have used the following technique on large financial networks.
As you pointed out yourself, the best solution is to have a dedicated user account for your nodeJS application with sufficient rights to access the UNC, but with no other rights. Then when you run the application, run it as this user.
Let me suggest that your setup a service to run the nodejs application and in the service specify the user account. This makes it much easier and safer. If you application is ever hacked, the hacker will not be able to escape the restrictions of the account.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With