"Yosh" <dp***@nospam.s atx.rr.com> wrote in message
news:u4******** ******@TK2MSFTN GP14.phx.gbl...
How do you validate a user that is currently logged in against a Security
Descriptor to see if they have access to an object?
Hope this makes sense.
You get the user's security token from
System.Security .Principal.Wind owsIdentity. You have to use P/Invoke to call
DuplicateToken to get a token with a SecurityImperso nationLevel of
SecurityIdentif ication and then you use P/Invoke to call AccessCheck or one
of its variants.
That's the 100,000 foot description.