Monday, April 19, 2010

Development often requires impersonation with Sharepoint (MOSS) 2007

public class Impersonator
public string CurrentUser
return this.username;

public string Domain
return this.domain;

// private members for holding domain user account credentials
private string username = String.Empty;
private string password = String.Empty;
private string domain = String.Empty;
// this will hold the security context for reverting back to the client after impersonation operations are complete
private WindowsImpersonationContext impersonationContext = null;

// disable instantiation via default constructor
private Impersonator()
{ }

public Impersonator(string username, string domain, string password)
// set the properties used for domain user account
this.username = username;
this.domain = domain;
this.password = password;

private WindowsIdentity Logon()
IntPtr handle = new IntPtr(0);
handle = IntPtr.Zero;

// This stuff required for impersonation
//const int LOGON32_LOGON_NETWORK = 3;
//const int LOGON32_LOGON_SERVICE = 3;

// attempt to authenticate domain user account
// bool logonSucceeded = LogonUser(this.username, this.domain, this.password, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, ref handle);
bool logonSucceeded = LogonUser(this.username, this.domain, this.password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref handle);

if (!logonSucceeded)
// if the logon failed, get the error code and throw an exception
int errorCode = Marshal.GetLastWin32Error();
throw new Exception("User logon failed. Error Number: " + errorCode);

// if logon succeeds, create a WindowsIdentity instance
WindowsIdentity winIdentity = new WindowsIdentity(handle);

// close the open handle to the authenticated account

return winIdentity;

public void Impersonate()
// authenticates the domain user account and begins impersonating it
this.impersonationContext = this.Logon().Impersonate();

public void Undo()
// rever back to original security context which was store in the WindowsImpersonationContext instance

[DllImport("advapi32.dll", SetLastError = true)]
private static extern bool LogonUser(string lpszUsername,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);

[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern bool CloseHandle(IntPtr handle);


No comments:

Shared Cache - .Net Caching made easy

All information about Shared Cache is available here: Its free and easy to use, we provide all sources at codeplex.

Facebook Badge