How to impersonate another user?

Question

I'm working on an ASP.net app and i'm trying to impersonate a user

I'm creating a windowsIdentity with a token

WindowsIdentity winId = new WindowsIdenty( token );

this token was got by calling the un managed code

[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName, 
    String lpszDomain,
    String lpszPassword,
    int dwLogonType, 
    int dwLogonProvider,
    ref IntPtr phToken);

is there any other way to get a token without using this advapi32.dll unmanaged code?

tks

There are more Win32 API ways. – Brian R. Bondy Feb 17 '10 at 17:38 — Brian R. Bondy, Feb 17 '10 at 17:38

score 3 · Answer 1 · answered Jul 24 '12 at 07:51

Built a class: Impersonate.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.IO;
using System.Text;

using System.Web;

// you must change the YourProgramName 

namespace [YourProgramName]
{
    public class Impersonate
    {

        [DllImport("advapi32.dll", SetLastError = true)]
        private static extern int LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
                                            int dwLogonType, int dwLogonProvider, out int phToken);

        [DllImport("kernel32.dll")]
        private static extern int FormatMessage(int dwFlags, string lpSource, int dwMessageId, int dwLanguageId,
                                                StringBuilder lpBuffer, int nSize, string[] Arguments);


        private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
        private const int LOGON32_PROVIDER_DEFAULT = 0;
        private const int FORMAT_MESSAGE_FROM_SYSTEM = 0x1000;

        private static WindowsImpersonationContext winImpersonationContext = null;

        public static void ImpersonateUser(string domain, string userName, string password)
        {

            //Benutzer einloggen
            int userToken = 0;

            bool loggedOn = (LogonUser(userName, domain, password, LOGON32_LOGON_NETWORK_CLEARTEXT,
                                        LOGON32_PROVIDER_DEFAULT, out userToken) != 0);

            if (loggedOn == false)
            {
                int apiError = Marshal.GetLastWin32Error();
                StringBuilder errorMessage = new StringBuilder(1024);
                FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, null, apiError, 0, errorMessage, 1024, null);
                throw new Exception(errorMessage.ToString());
            }

            WindowsIdentity identity = new WindowsIdentity((IntPtr)userToken);
            winImpersonationContext = identity.Impersonate();

        }

        public static void UndoImpersonation()
        {
            if (winImpersonationContext != null)
            {
                winImpersonationContext.Undo();
            }
        }

    }
}

Use in Your Program:

Impersonate.ImpersonateUser("Domain", "Username", "UserPassword");

                     //Your Code as the new User

                Impersonate.UndoImpersonation();

jpabluz · Answer 2 · 2010-03-10T14:30:36.883

3

Personally, I prefer a wrapper class to handle this Impersonation.

So, you will be working with unmanaged code, but AFAIK there is no way to do this with managed code directly.

edited Mar 10 '10 at 14:30

answered Feb 17 '10 at 17:42

jpabluz

1,150
6
16

Your wrapper class code worked great. Simple cut and paste. Thanks! – Chris Patterson Aug 05 '14 at 15:56

How to impersonate another user?

2 Answers2

Linked