These forums are read-only and considered to be an archive. Please use the new Community for future interaction and posts.

Programmatic Impersonation ?

Greetings, We're in the process of evaluting your control, and so far it looks fantastic!

However we do have a question/issue regarding getting the FileVistaControl to work under the correct identity  via programmatic impersonation in .NET.

The control always seems to run under .NET process identity irregardless of our impersonated identity.

Everything works just great if we impersonate via the web.config <identity> tag, but unfortunately that's not an option on our end. Our app requires  programmatic impersonation to access network resources.

Is there some way to get the control to run correctly under our programmatically impersonated identity (a control configuration setting, etc) ?

Thanks for your help, and all the best!

Tim



Tim Pollard 8/4/2008 1:46 PM
You can easily accomplish this by doing the impersonation in Application_BeginRequest event of your project's global.asax. You can determine if the request is for FileVistaControl (eg. by examining Request.FilePath) and impersonate according to this condition.
Cem Alacayir 8/8/2008 2:18 PM
Thanks Cem,

I'll give that a shot...

All the best, Tim
Tim Pollard 8/11/2008 9:08 AM
Tim
Did you ever get this resolved? I'm trying to do the same thing and haven't been able to successfully impersonate the user logging in via Forms Authentication.  

If you've had some success, would you mind sending some sample code?  

Thanks.
Ted Eysenbach 10/17/2008 11:14 AM
Cem
Maybe you can help me out a little bit on this issue.  Can you send me some sort of example code showing how you would impersonate a authenticated user in the Application_BeginRequest event while using FormsAuthentication?   

I was trying to simply use this code in the Page_Load method just to see if I could get it to work.... it seems to impersonate but I'm getting a permissions error when trying to access a UNC drive.

WindowsIdentity winID = new WindowsIdentity(Context.User.Identity.Name + "@[domain_name]");
        WindowsImpersonationContext wic = null;

wic = winID.Impersonate();

Any thoughts?

Ted Eysenbach 10/27/2008 8:29 AM
Impersonating in Page_Load will not work because it takes in effect only when the page is first loaded. However, the control will make web service calls for file actions that's why, you need to take control in Application_BeginRequest method of global.asax. This way, you will impersonate before the request reaches the control and then the control will run in the context of the user impersonated.
Cem Alacayir 11/17/2008 1:02 PM
Danke Cem.  I ended up doing exactly what you described.  I had to use an unmanaged call to the LogonUser method in advapi32.dll to make it work though.  I was hoping to aquire a WindowIdentity token by using the WindowsIdentity(Context.User.Identity.Name + "@[domain_name]") method call but it just didn't seem to want to work.  By all accounts it was impersonating but I couldn't access remote resources that should have had access with the impersonated account.  Oh well, I still got it to work.    

Tschuss!  

Ted
Ted Eysenbach 11/17/2008 1:58 PM