Access a server file using impersonation

I have to access an internal file from a web application and need to use impersonation to get access to the server.

I have not been sucessful so far, and the "help" files for .NET are somewhat lacking...

it's an asp.Net application with C# code behind.

Thank you,

Michelle
mnp13Asked:
Who is Participating?
 
Bob LearnedCommented:
Sorry for the great distance.

Here are the steps:

1) Copy/paste that code into a class module

2) Create an instance of the class:

   WindowsImpersonator alias = new WindowsImpersonator();

3) Impersonate someone:

    alias.Impersonate("domain", "user", "password");

4) When your done Undo:

    alias.Undo();

5) The current name is here:

    string currentName = alias.CurrentName;

Bob
0
 
sumixCommented:
0
 
mnp13Author Commented:
please leave it active, I am still working on the project. thank you.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

 
mnp13Author Commented:
It's not working and not giving me an error message or any indication of why...

it throws me to the "catch" at this line: impersonationContext =
                              ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
0
 
Bob LearnedCommented:
Can you show me how you are using this code?

Bob
0
 
mnp13Author Commented:
I'll post the section of code I"m useing on Monday, as it is on my work computer. Thanks!
0
 
mnp13Author Commented:
using System.Security.Principal;

...code...


                        System.Security.Principal.WindowsImpersonationContext impersonationContext;
                        impersonationContext =
                              ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
                  if (servPath.Equals("Null"))
                  {
                        this.hypServPDF.Enabled = false;
                        this.hypServPDF.Text = "not available";
                  }
                  else
                  {


                        this.hypServPDF.Enabled = true;
                        this.hypServPDF.Text = "Download";
                        this.hypServPDF.NavigateUrl = servPath.ToString();
                        this.hypServPDF.Target = "bill";



                  }
                        impersonationContext.Undo();
                  
0
 
Bob LearnedCommented:
Here is a class converted from VB.NET (untested):

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;

public class WindowsImpersonator
{

  [DllImport("advapi32.dll", CharSet=CharSet.Auto)]
  private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

  [DllImport("kernel32.dll")]
  private static extern int FormatMessage(int dwFlags, ref IntPtr lpSource, int dwMessageId, int dwLanguageId, ref string lpBuffer, int nSize, ref IntPtr Arguments);

  [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
  private static extern bool CloseHandle(IntPtr handle);

  [DllImport("advapi32.dll", CharSet=CharSet.Auto)]
  private static extern bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);

  private WindowsImpersonationContext m_impersonatedUser;

  private static string GetErrorMessage(int errorCode)
  {
    int FORMAT_MESSAGE_ALLOCATE_BUFFER = 256;
    int FORMAT_MESSAGE_IGNORE_INSERTS = 512;
    int FORMAT_MESSAGE_FROM_SYSTEM = 4096;

    int messageSize = 255;
    string lpMsgBuf = "";
    int dwFlags = FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS;

    IntPtr ptrlpSource = IntPtr.Zero;
    IntPtr prtArguments = IntPtr.Zero;

    int retVal = FormatMessage(dwFlags, ref ptrlpSource, errorCode, 0, ref lpMsgBuf, messageSize, ref prtArguments);
    if (0 == retVal)
    {
      throw new Exception("Failed to format message for error code " + errorCode.ToString() + ". ");
    }
    return lpMsgBuf;
  }

  public void Impersonate(string domainName, string userName, string password)
  {
    const int LOGON32_PROVIDER_DEFAULT = 0;
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int SecurityImpersonation = 2;
    IntPtr tokenHandle = IntPtr.Zero;
    IntPtr dupeTokenHandle = IntPtr.Zero;
    try
    {
      bool returnValue = LogonUser(userName, domainName, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
      if (!returnValue)
      {
        int ret = Marshal.GetLastWin32Error();
        throw new Exception(string.Format("Error: [{0}] {1}", ret, GetErrorMessage(ret)));
      }
      bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle);
      if (!retVal)
      {
        CloseHandle(tokenHandle);
        throw new Exception("Exception thrown in trying to duplicate token.");
      }
      WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
      m_impersonatedUser = newId.Impersonate();
      if (tokenHandle != IntPtr.Zero)
      {
        CloseHandle(tokenHandle);
      }
      if (dupeTokenHandle != IntPtr.Zero)
      {
        CloseHandle(dupeTokenHandle);
      }
    }
    catch (Exception ex)
    {
      Console.WriteLine(("Exception occurred. " + ex.Message));
    }
  }

  public void Undo()
  {
    m_impersonatedUser.Undo();
  }

  public string CurrentName
  {
    get { return WindowsIdentity.GetCurrent().Name; }
  }

}

Bob
0
 
mnp13Author Commented:
That is about 10 miles over my head. where do I put that, and where do I put the file path it is suppoed to be accessing?
0
 
mnp13Author Commented:
ok, I'll give it a go...

I'm off of work until Monday, but I will try it and repond then.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.