impersonation

问题 I have an WebService that creates a task and a continuation task. In the first task we set Thread.CurrentPrincipal Hence, When the ContinuationTask starts it no longer has the Thread.CurrentPrincipal. I'd like to specify in the ContinuationTask that it should run in the same thread as its antecedent . I've searched the web but i only found the requirement for the thread to run in the SynchronizationContext, therefore i am starting to think I am missing some basic rule, specially regarding how

问题 I would like to temporarily impersonate a domain user account to read in a file on a network drive from an ASP.NET site. I would rather not set up impersonation for the entire site or set up a mapped drive on the server. 回答1: I ended up using code from Michiel van Otegem: WindowsImpersonationContext made easy and added an implementation of IDisposable. I found this in another question about impersonation in ASP.NET. Usage: using (WindowsImpersonationContextFacade impersonationContext = new

问题 I have two Active Directory domains, A and B. Users in domain A need to run an application on their desktops to view and manipulate a resource located on a server in domain B. Each user also has an account in domain B. Is it possible to impersonate each user's domain B identity to perform operations on the domain B resource programatically? Example Workflow: User logs in to domain A. User launches desktop application. User specifies resource in domain B. Application prompts user for domain B

问题 I have an internal application which has two levels of security. FormsAuthentication for client-facing application and NTLM Integrated authentication for management interface. I can easily impersonate clients by just creating the proper .ASPXAUTH cookie with the FormsAuthentication class' methods. However generating HTTP Authentication header for NTLM is beyond me so far. I had my hopes up when I found this article (http://msdn.microsoft.com/en-us/library/ms998358.aspx#paght000025

问题 I need to pass a NetworkCredential object with the credentials of the currently impersonated user to a web service from an asp.net application. My code looks like this: WindowsIdentity windowsIdentity = HttpContext.Current.User.Identity as WindowsIdentity; WindowsImpersonationContext context = windowsIdentity.Impersonate(); try { var client = GetClient(); client.ClientCredentials.Windows.ClientCredential = CredentialCache.DefaultNetworkCredentials; Log("WindowsIdentity = {0}", windowsIdentity

问题 WindowsIdentity identity = new WindowsIdentity(accessToken); WindowsImpersonationContext context = identity.Impersonate(); ... context.Undo(); Where do i declare a administraotr UserName and Passowrd ? the accessToken param doesn't help me too much... Do I have to import DLL'S for it ? 回答1: You need to get the user's token. Use the p/invoke LogonUser from the advapi32.dll: [DllImport("advapi32.dll", SetLastError = true)] public static extern bool LogonUser( string lpszUsername, string

问题 This question already has an answer here : Closed 7 years ago . Possible Duplicate: Accessing Password Protected Network Drives in Windows in C#? I have ComputerA on DomainA running as userA needing to copy a very large file to ComputerB on WorkgroupB which has the ip of 192.168.10.2 to a windows share that only userB has write access to. There is no netbios or dns resolving so the computer must be refrenced by IP I first I tried AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security

问题 This question already has an answer here : Closed 7 years ago . Possible Duplicate: Accessing Password Protected Network Drives in Windows in C#? I have ComputerA on DomainA running as userA needing to copy a very large file to ComputerB on WorkgroupB which has the ip of 192.168.10.2 to a windows share that only userB has write access to. There is no netbios or dns resolving so the computer must be refrenced by IP I first I tried AppDomain.CurrentDomain.SetPrincipalPolicy(System.Security

问题 I have a class library that keeps system-wide configuration data in the registry (HKLM\Software\XXX). This library is used in various applications (services, windows forms, web apps, console apps) on various versions of Windows (XP, 2003, 7, 2008 R2). Because of this, the identity of the app is not consistent and may not even be a member of the machine's Administrators group. So I've created an AD domain admin user and do impersonation to gain write access to the registry. This works

问题 I have a class library that keeps system-wide configuration data in the registry (HKLM\Software\XXX). This library is used in various applications (services, windows forms, web apps, console apps) on various versions of Windows (XP, 2003, 7, 2008 R2). Because of this, the identity of the app is not consistent and may not even be a member of the machine's Administrators group. So I've created an AD domain admin user and do impersonation to gain write access to the registry. This works