Is there a way in .Net to call a function or web service
under a different security context as the one that the
user is logged into?
For example, if a user calls web service 1 (WS1), WS1 is
now running under the user's security context. Is there a
way for WS1 to call another web service, WS2, but to
impersonate a totally different user account for the call? 3 5549
john,
It depends on the mechanism that is used to authenticate the user on the
remote web service. If it is using a windows challenge/response mechanism,
then you will have to change the current user to be the one that you want to
impersonate. If it is just using basic authentication, then you can just
set those parameters in the call, and you would not have to change the
current user that the process is running under.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- ni************* *@exisconsultin g.com
"john" <jo**@john.co m> wrote in message
news:23******** *************** *****@phx.gbl.. . Is there a way in .Net to call a function or web service under a different security context as the one that the user is logged into?
For example, if a user calls web service 1 (WS1), WS1 is now running under the user's security context. Is there a way for WS1 to call another web service, WS2, but to impersonate a totally different user account for the call?
John,
Take a look at the documentation for the Impersonate method on the
WindowsIdentity class. It will detail how you can use a call to the
LoginUser API function through the P/Invoke layer to get a handle to a user
that you can impersonate.
--
- Nicholas Paldino [.NET/C# MVP]
- ni************* *@exisconsultin g.com
"john" <jo**@john.co m> wrote in message
news:22******** *************** *****@phx.gbl.. . the second WS would use NT authentication to check for access. I dont want the user calling WS1 to have rights to WS2, but i want WS1 to call WS2 and impersonate a new user account. How would i go about doing this?
-----Original Message----- john,
It depends on the mechanism that is used to authenticate the user on theremote web service. If it is using a windows challenge/response mechanism,then you will have to change the current user to be the one that you want toimpersonate. If it is just using basic authentication, then you can justset those parameters in the call, and you would not have to change thecurrent user that the process is running under.
Hope this helps.
-- - Nicholas Paldino [.NET/C# MVP] - ni************* *@exisconsultin g.com
"john" <jo**@john.co m> wrote in message news:23******* *************** ******@phx.gbl. .. Is there a way in .Net to call a function or web service under a different security context as the one that the user is logged into?
For example, if a user calls web service 1 (WS1), WS1 is now running under the user's security context. Is there a way for WS1 to call another web service, WS2, but to impersonate a totally different user account for the call?
.
Perfect! Thanks -----Original Message----- John,
Take a look at the documentation for the Impersonate
method on theWindowsIdentit y class. It will detail how you can use a
call to theLoginUser API function through the P/Invoke layer to get
a handle to a userthat you can impersonate.
-- - Nicholas Paldino [.NET/C# MVP] - ni************* *@exisconsultin g.com
"john" <jo**@john.co m> wrote in message news:22******* *************** ******@phx.gbl. .. the second WS would use NT authentication to check for access. I dont want the user calling WS1 to have rights to WS2, but i want WS1 to call WS2 and impersonate a new user account. How would i go about doing this?
>-----Original Message----- >john, > > It depends on the mechanism that is used to authenticate the user on the >remote web service. If it is using a windows challenge/response mechanism, >then you will have to change the current user to be the one that you want to >impersonate. If it is just using basic authentication, then you can just >set those parameters in the call, and you would not
have to change the >current user that the process is running under. > > Hope this helps. > > >-- > - Nicholas Paldino [.NET/C# MVP] > - ni************* *@exisconsultin g.com > >"john" <jo**@john.co m> wrote in message >news:23******* *************** ******@phx.gbl. .. >> Is there a way in .Net to call a function or web
service >> under a different security context as the one that
the >> user is logged into? >> >> For example, if a user calls web service 1 (WS1),
WS1 is >> now running under the user's security context. Is there a >> way for WS1 to call another web service, WS2, but to >> impersonate a totally different user account for the call? > > >. >
. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Adam Warner |
last post by:
Hello all,
I'm very new to C but I have a number of years of Common Lisp programming
experience. I'm trying to figure out ways of translating higher order
concepts such as closures into C. The code will not be idiomatic C.
GCC has an extension to ISO C that permits nested functions:
<http://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html>
For implementing closures they have a serious limitation:
|
by: TTroy |
last post by:
Hi,
I'm just wondering why people/books/experts say "the function returns a
pointer to.." or "we have to send scanf a pointer to.." instead of "the
function returns the address of.." or "we have to send scanf the
address of.."
Isn't the lvalue called a POINTER TO and the (r)value called the
ADDRESS OF?
|
by: Cong Wang |
last post by:
Hi,all!
I found an interesting problem,it is that how to implement a C
function which can be called once and return twice? Just like the POSIX
function fork() or the library function longjmp().Only via using asm?
It is strange that I have searched the google groups and FAQs of this
group and "googled" the internet but find none useful info.
Thanks for any reply!
|
by: Bern McCarty |
last post by:
I have run an experiment to try to learn some things about floating point
performance in managed C++. I am using Visual Studio
2003. I was hoping to get a feel for whether or not it would make sense to
punch out from managed code to native code (I was using
IJW) in order to do some amount of floating point work and, if so, what that
certain amount of floating point work was
approximately.
To attempt to do this I made a program that...
|
by: AAguiar |
last post by:
I have an asp.net project where the code behind the aspx page calls a c#
class which makes calls to a managed static C++ class.
The C# class works fine when the asp net worker process starts, when it is
invoked by pressing "F5", or when the web.config file is modified.
In all these cases the web.config file contains <identity
impersonate="false" />.
The mysterious problem arrises when I set <identity impersonate="true"/> in
the...
| |
by: DS |
last post by:
I try to generate a excel workbook using Excel object in ASP.NET program.
When I implement the Excel workbook generation with out a thread it works
fine. When I wrap all the excel generation process inside a method, and spin
this method in a different thread I get the following error:
"An unhandled exception of type 'System.UnauthorizedAccessException'
occurred in Unknown Module.
Additional information: Access is denied."
I am stuck...
|
by: cooltoriz |
last post by:
Hello there,
I am not asking how to impersonate a process within C# windows
application. I already know that, in C# v2.0, you can easily achieve it
using ProcessStartInfo. You can run a process or call external program
as of different user.
The problem of that design is that the mother application is still
running as current user. I know that less privilege is more secure.
|
by: Felix Kater |
last post by:
Hi,
I can compile and run this code (see below) which twice calls the
function f, first with too less, second with too much arguments.
But is it legal and free of memory leaks and other problems? Of course,
I presume that inside f I don't access i in case it was called via g.
int f(int i){ /* ... */ return 0; }
|
by: Astley Le Jasper |
last post by:
Sorry for the numpty question ...
How do you find the reference name of an object?
So if i have this
bob = modulename.objectname()
how do i find that the name is 'bob'
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |