I ran into the same problem that you did on a project. There shouldbe a way to spawn a process out of your web app with given credentials, but in practice, it's a kludge at best. What I wound up finally doing was just having the app push information to an MSMQ and having a windows service that popped items of the Queue an serviced the requests.

我遇到了你在项目中遇到的同样问题。这里应该是产卵的过程不与给定的凭据你的web应用程序的一种方式，但在实践中，这是一个杂牌组装电脑的最好的。我最终做的只是让应用程序将信息推送到 MSMQ 并拥有一个 Windows 服务，该服务弹出队列的项目并为请求提供服务。

Even when you appliation is impersonating, it still wants to run under theaspnet user account.

即使您的应用程序正在模拟，它仍然希望在 aspnet 用户帐户下运行。

You can use ProcessStartInfo which allows you to specify credentials. The trick is that the password is a secure string, so you have to pass it as a byte array.

您可以使用 ProcessStartInfo，它允许您指定凭据。诀窍是密码是一个安全字符串，因此您必须将其作为字节数组传递。

The code might look something like:

代码可能类似于：

Dim startInfo As New ProcessStartInfo(programName)
        With startInfo
            .Domain = "test.local"
            .WorkingDirectory = My.Application.Info.DirectoryPath
            .UserName = "testuser"
            Dim pwd As New Security.SecureString
            For Each c As Char In "password"
                pwd.AppendChar(c)
            Next
            .Password = pwd

            'If you provide a value for the Password property, the UseShellExecute property must be false, or an InvalidOperationException will be thrown when the Process..::.Start(ProcessStartInfo) method is called. 
            .UseShellExecute = False

            .WindowStyle = ProcessWindowStyle.Hidden
        End With

Check the Code Access Securitylevel as Processrequires Full Trust. Your web application may be running in a partial trust setting.

根据流程要求检查代码访问安全级别。您的 Web 应用程序可能在部分信任设置中运行。Full Trust

From the Process MSDN page:

从进程 MSDN 页面：

Permissions

* LinkDemand
for full trust for the immediate caller. This class cannot be used by partially trusted code.

* InheritanceDemand
for full trust for inheritors. This class cannot be inherited by partially trusted code.

权限

* LinkDemand
为直接呼叫者提供完全信任。此类不能由部分受信任的代码使用。

* InheritanceDemand
对继承人的完全信任。此类不能由部分受信任的代码继承。

I wanted to mention that I have tried the code at this siteincluding the updated code mentioned in the comments. This code runs the process as the impersonated identity (which is really all I need), but the redirecting of the standard error fails -- so this link could be useful to those not concerned with dealing with the stderr.

我想提一下，我已经在这个站点上尝试过代码， 包括评论中提到的更新代码。这段代码将进程作为模拟身份运行（这正是我所需要的），但是标准错误的重定向失败了——所以这个链接对于那些不关心处理 stderr 的人可能很有用。

Not sure if this is it, but I had a related problem and the answer was that the account didn't have permission to impersonate on the machine. This can be changed by adding the account to the Policy "Impersonate a client after authentication" using the local policy manager on the machine.

不确定是不是这样，但我遇到了一个相关问题，答案是该帐户无权在机器上模拟。这可以通过使用机器上的本地策略管理器将帐户添加到策略“身份验证后模拟客户端”来更改。

I went a different way and put the whole application in its own app-pool running as the user we were originally impersonating. Now, when asp.net spawns a new process, it spawns under the context of the user instead of aspnet_wp. Not the exact solution to the problem I posted, but it worked for our situation.

我采用了不同的方式，将整个应用程序放在自己的应用程序池中，以我们最初模拟的用户身份运行。现在，当 asp.net 生成一个新进程时，它会在用户上下文而不是 aspnet_wp 下生成。不是我发布的问题的确切解决方案，但它适用于我们的情况。