Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
DotNet
acad.assignment.mngr
academic
adonet
aspnet
aspnet.announcements
aspnet.build.controls
aspnet.caching
aspnet.datagridcontrol
aspnet.mobile
aspnet.security
aspnet.webcontrols
aspnet.webservices
clr
compactframework
component_services
datatools
distributed_apps
drawing
faqs
framework
framework.wmi
general
internationalization
interop
languages.csharp
languages.jscript
languages.vb
languages.vb.controls
languages.vb.data
languages.vb.upgrade
languages.vc
languages.vc.libraries
myservices
odbcnet
performance
remoting
scripting
sdk
security
setup
vjsharp
vsa
webservi.enhancements
webservices
windowsforms
windowsforms.controls
winforms.databinding
winforms.designtime
xml
  
 
date: Thu, 15 May 2008 01:01:05 -0700 (PDT),    group: microsoft.public.dotnet.security        back       


WindowsIdentity.GetCurrent    
System.Security.Principal.WindowsIdentity.GetCurrent() can give me the
current logged-on user, but I found if I'm using impersonation in the
context, it can only give me the user identity who's being
impersonated rather than the real logged user on the Windows, what if
I want the latter?
date: Thu, 15 May 2008 01:01:05 -0700 (PDT)   author:   despird

Re: WindowsIdentity.GetCurrent    
first, WindowsIdentity.GetCurrent has an overload that you can use to determine 
if you are currently impersonating.

then you can undo impersonation temporarily to get to the process account

do this

using (WindowsIdentity.Impersonate(IntPtr.Zero))
{
  string process = WindowsIdentity.GetCurrent();
}

from the docs:
"Calling the Impersonate(IntPtr) method with a userToken value of Zero is 
equivalent to calling the Win32 RevertToSelf function. If another user is 
currently being impersonated, control reverts to the original user."


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

> System.Security.Principal.WindowsIdentity.GetCurrent() can give me the
> current logged-on user, but I found if I'm using impersonation in the
> context, it can only give me the user identity who's being
> impersonated rather than the real logged user on the Windows, what if
> I want the latter?
>
date: Thu, 15 May 2008 09:40:52 +0000 (UTC)   author:   Dominick Baier

Re: WindowsIdentity.GetCurrent    
On May 15, 5:40 pm, Dominick Baier
 wrote:
> first, WindowsIdentity.GetCurrent has an overload that you can use to determine
> if you are currently impersonating.
>
> then you can undo impersonation temporarily to get to the process account
>
> do this
>
> using (WindowsIdentity.Impersonate(IntPtr.Zero))
> {
>   string process = WindowsIdentity.GetCurrent();
>
> }
>
> from the docs:
> "Calling the Impersonate(IntPtr) method with a userToken value of Zero is
> equivalent to calling the Win32 RevertToSelf function. If another user is
> currently being impersonated, control reverts to the original user."
>
> -----
> Dominick Baier (http://www.leastprivilege.com)
>
> Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
>
>
>
> > System.Security.Principal.WindowsIdentity.GetCurrent() can give me the
> > current logged-on user, but I found if I'm using impersonation in the
> > context, it can only give me the user identity who's being
> > impersonated rather than the real logged user on the Windows, what if
> > I want the latter?- Hide quoted text -
>
> - Show quoted text -

that seems to be a very plausible solution, i'll try it again tomorrow
thanks a lot.
date: Thu, 15 May 2008 05:04:57 -0700 (PDT)   author:   despird

Re: WindowsIdentity.GetCurrent    
On May 15, 8:04 pm, despird  wrote:
> On May 15, 5:40 pm, Dominick Baier
>
>
>
>
>
>  wrote:
> > first, WindowsIdentity.GetCurrent has an overload that you can use to determine
> > if you are currently impersonating.
>
> > then you can undo impersonation temporarily to get to the process account
>
> > do this
>
> > using (WindowsIdentity.Impersonate(IntPtr.Zero))
> > {
> >   string process = WindowsIdentity.GetCurrent();
>
> > }
>
> > from the docs:
> > "Calling the Impersonate(IntPtr) method with a userToken value of Zero is
> > equivalent to calling the Win32 RevertToSelf function. If another user is
> > currently being impersonated, control reverts to the original user."
>
> > -----
> > Dominick Baier (http://www.leastprivilege.com)
>
> > Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)
>
> > > System.Security.Principal.WindowsIdentity.GetCurrent() can give me the> > > current logged-on user, but I found if I'm using impersonation in the
> > > context, it can only give me the user identity who's being
> > > impersonated rather than the real logged user on the Windows, what if
> > > I want the latter?- Hide quoted text -
>
> > - Show quoted text -
>
> that seems to be a very plausible solution, i'll try it again tomorrow
> thanks a lot.- Hide quoted text -
>
> - Show quoted text -

that does work, thanks a lot Dominick
date: Thu, 15 May 2008 17:41:10 -0700 (PDT)   author:   despird

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us