private void SendFile(HttpContext context, string filePath) { try { ADUser currentUser = LdapHelper.GetAdUser(context.User.Identity.Name); if (currentUser != null) { ////Start impersonating WindowsIdentity wi = new WindowsIdentity(currentUser.UserPrincipalName); using (WindowsImpersonationContext wCtx = wi.Impersonate()) { try { string fileUrl = makeFullFileUrl(filePath); string fileName = Path.GetFileName(fileUrl); FileInfo fileInfo = new FileInfo(fileUrl); context.Response.Clear(); context.Response.ClearContent(); context.Response.ClearHeaders(); context.Response.AddHeader("Content-Disposition", "attachment; filename=" + fileName); // bypass the Open/Save/Cancel dialog //Response.AddHeader("Content-Disposition", "inline; filename=" + doc.FileName); context.Response.AddHeader("Content-Length", fileInfo.Length.ToString()); // Set the ContentType context.Response.ContentType = MimeMapping.GetMimeMapping(fileName); context.Response.BufferOutput = true; //var file = File.ReadAllBytes(fileUrl); context.Response.WriteFile(fileUrl, true); context.Response.Flush(); context.ApplicationInstance.CompleteRequest(); } catch (System.UnauthorizedAccessException) { //The current user does not have rights, give them access denied context.Response.Clear(); context.Response.ClearContent(); context.Response.ClearHeaders(); context.Response.StatusCode = 401; context.Response.Write("Access denied. You do not have access to this file."); } catch (Exception ex) { //Something happened trying to fetch the file context.Response.Clear(); context.Response.ClearContent(); context.Response.ClearHeaders(); context.Response.StatusCode = 500; context.Response.Write($"An error occured trying to serve the file. {ex.ToString()}"); } finally { if (wCtx != null) { wCtx.Undo(); } } } } } catch (System.Security.SecurityException) { //The current user is not a synced account, the UPN is invalid context.Response.Clear(); context.Response.ClearContent(); context.Response.ClearHeaders(); context.Response.StatusCode = 401; context.Response.Write("Access denied. Not a valid user."); } }