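/// <summary>
/// Reverts impersonation on the calling thread and releases the logon token.
/// </summary>
/// <param name="token">
/// Logon token to dispose. May be <c>null</c>; set to <c>null</c> once disposed.
/// </param>
/// <param name="context">
/// Impersonation context to undo. May be <c>null</c>; set to <c>null</c> once undone.
/// </param>
/// <returns>Always <c>true</c>.</returns>
private static bool UndoImpersonation(ref SafeUserToken token, ref WindowsImpersonationContext context)
{
    try
    {
        if (context != null)
        {
            context.Undo();
            context = null;
        }
    }
    finally
    {
        // Release the token even when Undo() throws, so a failed revert does not
        // also leave the logon token handle open until finalization.
        if (token != null)
        {
            token.Dispose();
            token = null;
        }
    }

    return true;
}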
/// <summary>
/// Native logon entry point that takes the user name, domain and password as managed strings
/// and returns the resulting token through <paramref name="hToken"/>.
/// </summary>
/// <remarks>
/// NOTE(review): the [DllImport] attribute is not visible in this excerpt. Confirm it sets
/// SetLastError = true and a Unicode CharSet before relying on Marshal.GetLastWin32Error().
/// NOTE(review): <paramref name="lpszPassword"/> is a managed string, so the plaintext cannot be
/// zeroed after the call and stays on the managed heap until it is collected. Prefer an overload
/// that takes an unmanaged buffer which the caller zeroes, where one is available.
/// </remarks>
/// <param name="lpszUsername">Account name to log on.</param>
/// <param name="lpszDomain">Domain or machine for the account.</param>
/// <param name="lpszPassword">Plaintext password for the account.</param>
/// <param name="dwLogonType">Logon type value passed through to the native call.</param>
/// <param name="dwLogonProvider">Logon provider value passed through to the native call.</param>
/// <param name="hToken">Receives the token wrapped in a <c>SafeUserToken</c>.</param>
/// <returns>Presumably <c>true</c> when the logon succeeds; confirm against the import.</returns>
internal static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, out SafeUserToken hToken);
/// <summary>
/// Closes the wrapped native handle by passing it to <c>SafeUserToken.CloseHandle</c>.
/// </summary>
/// <returns>The value reported by <c>SafeUserToken.CloseHandle</c>.</returns>
protected override bool ReleaseHandle()
{
    bool closed = SafeUserToken.CloseHandle(base.handle);
    return closed;
}
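/// <summary>
/// Logs on as the given account, runs <paramref name="impersonationWork"/> on the calling thread
/// under that account's identity, then reverts the thread and releases the logon token.
/// </summary>
/// <typeparam name="TReturn">Type returned by the work function.</typeparam>
/// <typeparam name="TParameter">Type of the argument passed to the work function.</typeparam>
/// <param name="userName">Account name to log on; must not be null or empty.</param>
/// <param name="domain">Domain for the account; passed to the logon call without validation.</param>
/// <param name="password">Password for the account; must not be null.</param>
/// <param name="parameter">Argument forwarded to <paramref name="impersonationWork"/>.</param>
/// <param name="impersonationWork">
/// Delegate executed while the thread is impersonating. It runs with the rights of the
/// logged-on account, so it should be trusted code and do as little as possible.
/// </param>
/// <param name="logonMethod">Logon type passed to the logon call.</param>
/// <param name="provider">Logon provider passed to the logon call.</param>
/// <returns>The value returned by <paramref name="impersonationWork"/>.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="userName"/> is null or empty, or <paramref name="password"/> or
/// <paramref name="impersonationWork"/> is null.
/// </exception>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="logonMethod"/> or <paramref name="provider"/> is outside the accepted range.
/// </exception>
/// <exception cref="Win32Exception">The logon call reported failure.</exception>
public static TReturn Impersonate<TReturn, TParameter>(
    string userName,
    string domain,
    SecureString password,
    TParameter parameter,
    ImpersonationWorkFunction<TReturn, TParameter> impersonationWork,
    NativeMethod.LogonType logonMethod,
    NativeMethod.LogonProvider provider)
{
    // Check the parameters
    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentNullException("userName");
    }

    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    if (impersonationWork == null)
    {
        throw new ArgumentNullException("impersonationWork");
    }

    // Range checks use the short-circuit || instead of the bitwise | on bools.
    // NOTE(review): assumes every enum value between the two bounds is valid; confirm
    // against the NativeMethod declarations.
    if (logonMethod < NativeMethod.LogonType.LOGON32_LOGON_INTERACTIVE
        || logonMethod > NativeMethod.LogonType.LOGON32_LOGON_NEW_CREDENTIALS)
    {
        throw new ArgumentOutOfRangeException("logonMethod");
    }

    if (provider < NativeMethod.LogonProvider.LOGON32_PROVIDER_DEFAULT
        || provider > NativeMethod.LogonProvider.LOGON32_PROVIDER_WINNT50)
    {
        throw new ArgumentOutOfRangeException("provider");
    }

    IntPtr passwordPtr = IntPtr.Zero;
    SafeUserToken token = null;
    WindowsImpersonationContext context = null;

    try
    {
        // Copy the password into an unmanaged BSTR. This is the only plaintext copy made
        // here, and it is zeroed and freed in the finally block below.
        passwordPtr = Marshal.SecureStringToBSTR(password);

        IntPtr handle = IntPtr.Zero;

        // Attempts to log a user on to the local computer
        if (!NativeMethod.LogonUser(userName, domain, passwordPtr, logonMethod, provider, out handle))
        {
            // The parameterless constructor reads Marshal.GetLastWin32Error().
            // NOTE(review): that is only meaningful if the LogonUser import is declared
            // with SetLastError = true; the declaration is not visible here.
            throw new Win32Exception();
        }

        token = new SafeUserToken(ref handle);
    }
    finally
    {
        // Erase the memory that the password was stored in
        if (!IntPtr.Zero.Equals(passwordPtr))
        {
            Marshal.ZeroFreeBSTR(passwordPtr);
        }
    }

    try
    {
        try
        {
            // Impersonate
            Debug.Assert(token != null);

            // The raw handle is only borrowed: token stays alive until the finally below.
            context = WindowsIdentity.Impersonate(token.DangerousGetHandle());

            // Call out to the work function
            return impersonationWork(parameter);
        }
        finally
        {
            // Clean up: revert the thread identity and close the token on every exit path.
            UndoImpersonation(ref token, ref context);
        }
    }
    catch
    {
        // Defense in depth: catching here ends the first exception pass in this frame,
        // so the finally above reverts the thread before the rethrow lets any exception
        // filter in a caller's frame run. Callers' filters then never execute under the
        // impersonated identity.
        throw;
    }
}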