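        /// <summary>
        /// Impersonates the specified user account on the current thread.
        /// </summary>
        /// <remarks>
        /// Any impersonation previously set up by this class is undone first. The thread is then
        /// reverted to the process (application pool) identity, with the requestor's context saved
        /// in <c>_wic</c>, before the new logon is attempted.
        /// The password is deliberately left out of the exception message built on failure.
        /// </remarks>
        /// <param name="NetworkLocation">Path being accessed; only used in the error message.</param>
        /// <param name="userName">Name of the user.</param>
        /// <param name="domainName">Name of the domain.</param>
        /// <param name="password">The password. <see cref="System.String"/></param>
        /// <param name="logonType">Type of the logon.</param>
        /// <param name="logonProvider">The logon provider. <see cref="Mit.Sharepoint.WebParts.EventLogQuery.Network.LogonProvider"/></param>
        /// <exception cref="System.IO.IOException">
        /// Thrown when any step fails; the original exception is attached as the inner exception.
        /// </exception>
        private void Impersonate(string NetworkLocation, string userName, string domainName, string password, LogonType logonType, LogonProvider logonProvider)
        {
            try
            {
                UndoImpersonation();

                // Disabled: splitting a "DOMAIN\user" style user name into its two parts.
                /*
                 * if (userName.Contains("\\") || userName.Contains("/"))
                 * {
                 * string[] tokens = userName.Split(new char[] { '\\', '/' });
                 * if (tokens.Length != 2) throw new Exception("Expected user name to contain at most one / or \\ character.  User name: " + userName);
                 * if (domainName.Trim().Length != 0) throw new Exception("Cannot specify a / or \\ in user name when domain is also given.  User name: " + userName + "  Domain: " + domainName);
                 * domainName = tokens[0];
                 * userName = tokens[1];
                 * }
                 */

                IntPtr logonToken          = IntPtr.Zero;
                IntPtr logonTokenDuplicate = IntPtr.Zero;
                try
                {
                    // revert to the application pool identity, saving the identity of the current requestor
                    // NOTE(review): if the logon below fails, the thread stays on the application pool
                    // identity until UndoImpersonation runs again; confirm every caller undoes on failure.
                    _wic = WindowsIdentity.Impersonate(IntPtr.Zero);

                    // do logon & impersonate
                    if (Win32NativeMethods.LogonUser(userName,
                                                     domainName,
                                                     password,
                                                     (int)logonType,
                                                     (int)logonProvider,
                                                     ref logonToken) != 0)
                    {
                        if (Win32NativeMethods.DuplicateToken(logonToken, (int)ImpersonationLevel.SecurityImpersonation, ref logonTokenDuplicate) != 0)
                        {
                            var wi = new WindowsIdentity(logonTokenDuplicate);
                            wi.Impersonate(); // discard the returned identity context (which is the context of the application pool)
                        }
                        else
                        {
                            ThrowSpecificException();
                        }
                    }
                    else
                    {
                        ThrowSpecificException();
                    }
                }
                finally
                {
                    // Both raw handles are released here on success and on failure alike.
                    if (logonToken != IntPtr.Zero)
                    {
                        Win32NativeMethods.CloseHandle(logonToken);
                    }

                    if (logonTokenDuplicate != IntPtr.Zero)
                    {
                        Win32NativeMethods.CloseHandle(logonTokenDuplicate);
                    }
                }
            }
            catch (Exception ex)
            {
                // Keep the full exception (type, stack trace) as InnerException for logs instead of
                // flattening it into the message, which may end up rendered to the requesting user.
                throw new IOException("Unable to access path:\n" + NetworkLocation + "\nAs username: " + userName + "\nOn domain: " + domainName + "\nError: " + ex.Message, ex);
            }
        }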