Thursday, June 23, 2005

Role Based Security Notes

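  • Impersonating a User: 1) Set up the Platform Invoke DLL function you'll be calling in step #2:
    // SetLastError = true lets step #2 report why a logon failed
    [System.Runtime.InteropServices.DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(
         String strUsername, 
         String strDomain, 
         String strPassword, 
         int intLogonType, 
         int intLogonProvider, 
         out IntPtr phToken);
    
    2) Retrieve the OS token for the user you want to impersonate:
    IntPtr phToken = IntPtr.Zero;
    // 3 = LOGON32_LOGON_NETWORK, 0 = LOGON32_PROVIDER_DEFAULT
    if (!LogonUser("username", "Domain", "password", 3, 0, out phToken))
        throw new System.ComponentModel.Win32Exception(
            System.Runtime.InteropServices.Marshal.GetLastWin32Error());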
    
    3) Create a new WindowsIdentity object and pass it the impersonation token:
    // WindowsIdentity and WindowsImpersonationContext are in System.Security.Principal
    WindowsIdentity ImpersonatedIdentity = new WindowsIdentity(phToken);
    
    4) Impersonate the identity:
    WindowsImpersonationContext MyImpersonation = ImpersonatedIdentity.Impersonate();
    
    5) When impersonation is no longer needed, end it:
    MyImpersonation.Undo();
    
