Wednesday, January 16, 2008

Simplified Impersonation Model

While playing with the new Named Pipe classes in .NET 3.5, I noticed that they use a simpler model for impersonating the client. Instead of putting the burden on the user to call Impersonate on a WindowsIdentity (and to make sure that impersonation is undone correctly), you simply pass the delegate that should run impersonated to RunAsClient. Interesting.

using System;
using System.IO;
using System.IO.Pipes;
using System.Security.Principal;

using (var server = new NamedPipeServerStream("pipe"))
{
    Console.WriteLine("waiting");
    server.WaitForConnection();
    Console.WriteLine("connected");

    using (var reader = new StreamReader(server))
    {
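        // read first: Windows does not allow impersonating a pipe client
        // until data has been read from the pipe
        string message = reader.ReadLine();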

        string client = server.GetImpersonationUserName();
        Console.WriteLine("{0} says {1}", client, message);

        // runs under client identity
        server.RunAsClient(delegate
        {
            Console.WriteLine("impersonated identity: {0}",
                WindowsIdentity.GetCurrent().Name);
            
            // access some resource
        });
    }
}
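Added example (not code from the original post): a client and server in one process, showing that RunAsClient puts the client's token on the thread only for the duration of the delegate and takes it off again even when the delegate throws. It assumes Windows with both ends running under the same account; the pipe name, class and method names are constructed for the example.

```csharp
using System;
using System.IO;
using System.IO.Pipes;
using System.Security.Principal;
using System.Threading.Tasks;

class RunAsClientRevertDemo
{
    const string PipeName = "runasclient-demo"; // constructed name for this example
    // Name and impersonation level of the token the calling thread acts under.
    static string Effective()
    {
        using (var id = WindowsIdentity.GetCurrent())
            return id.Name + " (" + id.ImpersonationLevel + ")";
    }

    static void Client()
    {
        // The client decides how far the server may go with its token.
        using (var pipe = new NamedPipeClientStream(".", PipeName, PipeDirection.InOut,
                   PipeOptions.None, TokenImpersonationLevel.Impersonation))
        {
            pipe.Connect();
            new StreamWriter(pipe) { AutoFlush = true }.WriteLine("hello");
            pipe.ReadByte(); // stay connected until the server closes its end
        }
    }

    static void Main()
    {
        Task client = Task.Run(() => Client());
        using (var server = new NamedPipeServerStream(PipeName))
        {
            server.WaitForConnection();
            new StreamReader(server).ReadLine(); // Windows refuses to impersonate before a read
            Console.WriteLine("before: " + Effective());
            try
            {
                server.RunAsClient(() =>
                {
                    Console.WriteLine("inside: " + Effective());
                    throw new InvalidOperationException("constructed resource-access failure");
                });
            }
            catch (InvalidOperationException ex) { Console.WriteLine("threw:  " + ex.Message); }
            Console.WriteLine("after:  " + Effective()); // client token is off the thread again
        }
        client.Wait();
    }
}
```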
