impersonation

I have a Boost ASIO-based C++ server program and I'd like to be able to set the source IP address used by TCP to that of another server. I know one can read the source and destination IP addresses but presumably they can be set as well? Presumably if I set the "wrong" source IP address in the C++ code there will be some interaction with the network stack. Won't the network stack re-set the source IP address on the way out even if the C++ code is right? Is the right way to do this to write C++ ASIO code to pick a specific virtual network interface? One that is configured with the "wrong" static

I wanted to access some google api services: GDrive API Contact API People API And I'm struggeling with the oauth2 impersonate service account flow (you know that one: Google Oauth v2 - service account description . For impersonification you need to apply the "Delegating domain-wide authority" in the google apps console, download the correspoding pk12 file and activate the api in a google console project. At the moment I always get: com.google.api.client.auth.oauth2.TokenResponseException: 401 Unauthorized at com.google.api.client.auth.oauth2.TokenResponseException.from(TokenResponseException

I found only one thread relating to this but it did not answer the question. I'm curious to a link or explanation of the difference between setting an impersonation user via in the web.config versus setting the application pool identity in IIS. They seem to be independent and am confused on the detailed differences. Thanks. Using impersonation in the web.config allows you to override whatever identity was configured for the Application Pool the app is running under - it's just a more fine grained method to control identity ( on the app level vs. the ApplicationPool level), so you could have

I thought of suPHP but that's not what I need. It doesn't serve to my purposes to run the whole PHP script as a different user. I just need to run one single linux command line as a different user. Is it possible? You could try the shell_exec function and sudo edit : seeing as sudo prompts for a password, you'd might wanna use proc_open , which allows you to use pipes. See this comment for how to create a custom password pipe. I believe you should try another approach. The "setuid". http://en.wikipedia.org/wiki/Setuid Basically you ask the file to run as it's owner, not the program. You can

I need to impersonate a user using C#. I use the LogonUser Win32 API. This works fine when impersonating users from the same domain as the currently logged-in user. However I get "false" as response when I try to impersonate users from other domains. What can cause this? You should try calling GetLastError right after LogonUser fail to see if any error information is given. http://msdn.microsoft.com/en-us/library/ms679360(VS.85).aspx There may be some issue with calling GetLastError from c#. Look here for more information on this : http://blogs.msdn.com/adam_nathan/archive/2003/04/25/56643

I need to access a remote drive from a Web App. The drive isn't accessible to the ASP.NET process, so I want to impersonate the current user for the request. I saw some basic examples using WindowsImpersonationContext, and have tried the following. WindowsImpersonationContext impersonationContext = null; try { impersonationContext = ((WindowsIdentity)User.Identity).Impersonate(); file.SaveAs(filePath); } finally { if (impersonationContext != null) { impersonationContext.Undo(); } } I'm still getting an access denied exception. I've read a bit of stuff about LogonUser , but as far as I can tell

I'm using the LogonUser win32 api: token = LogonUser(...) WindowsIdentity newId = new WindowsIdentity(token); WindowsImpersonationContext impersonatedUser = newId.Impersonate(); However when calling a WCF service after this I'm not able to use the impersonated identity. I think this is because impersonatedUser.ImpersonationLevel equals Impersonation. Is this the reason? Is a level of ImpersonationLevel.Identification what I need? How to get such a level? I don't know if this will work for WCF. But we use it in our production web app for impersonation to read and write files to the file system.

I need to access a network resource on which only a given Domain Account has access. I am using the LogonUser call, but get a "User does not have required priviliege" exception, as the web application is running with the asp.net account and it does not have adequate permissions to make this call. Is there a way to get around it? Changing the identity or permissions of the ASP.Net account is not an option as this is a production machine with many projects running. Is there a better way to achieve this? Using Asp.Net 2.0, Forms Authentication. Kind Regards. Just calling LogonUser is not enough.