Thursday, June 23, 2005

Role Based Security Notes

  • Impersontaing a User: 1) Setup the Platform Invoke DLL Function you'll be calling in step #2:
    public static extern bool LogonUser(
         String strUsername, 
         String strDomain, 
         String strPassword, 
         int intLogonType, 
         int intLogonProvider, 
         out IntPtr phToken);
    2) Retrieve the OS token for the user you want to impersonate:
    IntPtr phToken = IntPtr.Zero;
    LogonUser("username", "Domain", "password", 3, 0, out phToken);
    3) Create a new WindowsIdentity object and pass it the impersonation token:
    WindowsIdentity ImpersonatedIdentity = new WindowsIdentity(phToken);
    4) Impersonate the identity:
    WindowsImpersonationContext MyImpersonation = ImpersonatedIdentity.Impersonate();
    4) When impersonation is no longer needed, end it:

No comments: