Re: Howto obtain WindowsIdentity for client calling method on COM+ application?

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 03/22/05

  • Next message: Eugene Mayevski: "Ann: Native PGP support for .NET" 
    Date: Tue, 22 Mar 2005 01:52:59 -0800

    Hello Morten,

    ok - this works differently under Enterprise Services - you cannot get a
    WindowsIdentity object, as everything in COM+ is handled via the SecurityCallContext.

    To impersonate you have to P/Invoke CoImpersonateClient and CoRevertToSelf
    - this is straightforward...

    void IServer.OpenFileInClientContext(string FileName)
    {
      try {
        COMSec.CoImpersonateClient(); // Do work on behalf of the client
      }
    finally {
        COMSec.CoRevertToSelf(); }
    }

    class COMSec {
      [DllImport("OLE32.DLL", CharSet=CharSet.Auto)]
      public static extern uint CoImpersonateClient();
      [DllImport("OLE32.DLL", CharSet=CharSet.Auto)]
      public static extern uint CoRevertToSelf();
    }

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Actually I want to get hold of the WindowsIdentity because I have to
    > impersonate the caller????
    > So how do you impersonate the caller?
    > Regards Morten
    >
    > "Dominick Baier [DevelopMentor]"
    > <dbaier@pleasepleasenospamdevelop.com> wrote in message
    > news:uPSRshiLFHA.1176@TK2MSFTNGP12.phx.gbl...
    >
    >> You mean the name of the caller??
    >>
    >> That's in SecurityCallContext.CurrentCall.DirectCaller.AccountName
    >>
    >> ---
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >> nntp://news.microsoft.com/microsoft.public.dotnet.security/<#ttsf3hLF
    >> HA.1884@TK2MSFTNGP15.phx.gbl>
    >>
    >> We have a COM+ application written in C# (a serviced component) thats
    >> get
    >> accessed by remote hosts on the network. How do I obtain the
    >> WindowsIdentity
    >> of the caller of my serviced-component?
    >> Regards Morten
    >>
    >> [microsoft.public.dotnet.security]
    >>

  • Next message: Eugene Mayevski: "Ann: Native PGP support for .NET"

    Relevant Pages

    • RE: WindowsIdentity.Impersonate() fails
      ... > Dominick Baier - DevelopMentor ... > creating WindowsIdentity object with the duplicatetoken obtained from ... > i am trying to impersonate but is gives error saying "unable to ...
      (microsoft.public.dotnet.security)
    • Question about handles when doing impersonation.
      ... I am using WindowsIdentity.Impersonate() to impersonate using a logon token ... acquired from the Win32 LogonUser account. ... I was wondering if it is safe to close the LogonUser handle passed to the ... or does the WindowsIdentity object close it when it is destroyed. ...
      (microsoft.public.dotnet.framework.aspnet.security)
    • Re: Howto obtain WindowsIdentity for client calling method on COM+ application?
      ... Actually I want to get hold of the WindowsIdentity because I have to ... So how do you impersonate the caller? ... > We have a COM+ application written in C# (a serviced component) thats get ...
      (microsoft.public.dotnet.security)
    • Quantcast