Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Impersonation problem

  Asked By: Rohit    Date: Oct 10    Category: Sharepoint    Views: 1188

I am using code for impersonation, to impersonate my administrator
account of ( 'userOne' on 'MyDomain') on Server where share point
portal is installed.
the code block for impersonation works fine as long as simple
printing is performed and no special activity is performed. initially
i had two labels and an impersonation block. In my impersonation
block
System.Security.Principal.WindowsIdentity.GetCurrent().Name;
returned me successfully impersonated user which is a user with
administrative rights

and after undo(ing) impersonation,
System.Security.Principal.WindowsIdentity.GetCurrent().Name;
returned me successfully the logged in user in current context.

Uptill now code is working as per expectation now i targetted to add
user to existing role and add some new roles by impersonating the
account of user which administrator on my server.
code works fine on the system of user who is also adminsitrator on
server or is an administrator user on share point portal server but
it does not works fine on reader user of share point portal server or
on a user who has 0 or minimal rights on server.
In other words when ever i try to perform some administrative
activity by impersonating admin account for reader accounts it asks
for user credential for which only if he provides the impersonated
accout credentials it works other wise it doesnt below is the
relevant code provided.


private void Button1_Click(object sender, System.EventArgs e)
{
try
{

bool resultFlag = false;

lblText.Text = "1";
SPWeb web = SPControl.GetContextWeb
(Context);
lblText.Text = "2";
SPUser currentUser = web.CurrentUser;
lblText.Text = "3";
SPRole existingRole = web.Roles
["DEMO"];

WindowsImpersonationContext wic =
CreateIdentity("userOne","MyDomain","passwordOne").Impersonate();
//existingRole.AddUser(currentUser);
//web.Roles.Add("testRole","role for
extreme testing purposes ",SPRights.ViewPages);
lblText.Text =
System.Security.Principal.WindowsIdentity.GetCurrent().Name;
wic.Undo();
lblText2.Text =
System.Security.Principal.WindowsIdentity.GetCurrent().Name;




}
catch(Exception ex)
{
lblText.Text = ex.Message;
}
}


protected static WindowsIdentity CreateIdentity
(string User, string Domain, string Password)
{
// The Windows NT user token.
IntPtr tokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_NETWORK = 3;

tokenHandle = IntPtr.Zero;

// Call LogonUser to obtain a handle to an
access token.
bool returnValue = LogonUser(User, Domain,
Password,
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);

if (false == returnValue)
{
int ret = Marshal.GetLastWin32Error();
throw new Exception("LogonUser failed
with error code: " + ret);
}

System.Diagnostics.Debug.WriteLine("Created
user token: " + tokenHandle);

//The WindowsIdentity class makes a new copy
of the token.
//It also handles calling CloseHandle for the
copy.
WindowsIdentity id = new WindowsIdentity
(tokenHandle);
CloseHandle(tokenHandle);
return id;
}

[DllImport("advapi32.dll", SetLastError=true)]
private static extern bool LogonUser(String
lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, ref
IntPtr phToken);

[DllImport("kernel32.dll", CharSet=CharSet.Auto)]
private extern static bool CloseHandle(IntPtr handle);

Share: 

 

1 Answer Found

 
Answer #1    Answered By: Akshara Negalur     Answered On: Oct 10

I m stating ur problem  in my own words  as i hve
understood it.

the problem, is simply that, the impersonation  doesn't
give a reader  administrative rights.

It simply means, that the impersonation doesn't work
properly.

I hve faced the same problem some time before.

the bug, i detected was simply that...
i was using SPSite site =
SPControl.GetContextSite(Context);

instead of SPSite site = new
SPSite("http://myspsServer");

so, plz. try this code  in order to get in to the
object model library.

 
Didn't find what you were looking for? Find more on Impersonation problem Or get search suggestion and latest updates.




Tagged: