How can I temporarily impersonate a user to open a file?

Question

I would like to temporarily impersonate a domain user account to read in a file on a network drive from an ASP.NET site.

I would rather not set up impersonation for

Answer 1

Actually, the process is quite easy, you can use code like this;

using System.Security.Principal;
...
// Obtain the authenticated user's Identity
WindowsIdentity winId = (WindowsIdentity)HttpContext.Current.User.Identity;
WindowsImpersonationContext ctx = null;
try
{
  // Start impersonating
  ctx = winId.Impersonate();
  // Now impersonating
  // Access resources using the identity of the authenticated user
}
// Prevent exceptions from propagating
catch
{
}
finally
{
  // Revert impersonation
  if (ctx != null)
    ctx.Undo();
}
// Back to running under the default ASP.NET process identity

Your code goes in the "Now impersonating" section. the KEY is the finally block, this is VERY important. You can view this MSDN article for full details on how this works.