By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,573 Members | 1,797 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,573 IT Pros & Developers. It's quick & easy.

impersonation in web application

P: n/a
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then calling
w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does any
test project!

I set up this web application, the idea of which being to shell commands on
the web server and see the output in a webforms text box, from a remote
machine.
I thought the impersonation worked because all the return values were as
expected, and what's more a totally independent Environment.UserName function
returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that
command into a DOS box (logged on as bonj) it returns a whole list of text
files. I'm suspicous that there's some permissions thing that windows is
hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName
As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password, LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s + Environment.NewLine
If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub

Nov 21 '05 #1
Share this Question
Share on Google+
7 Replies


P: n/a
See this it should help:-
http://www.developer.com/security/article.php/3065031

"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:33**********************************@microsof t.com...
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then calling w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does any
test project!

I set up this web application, the idea of which being to shell commands on the web server and see the output in a webforms text box, from a remote
machine.
I thought the impersonation worked because all the return values were as
expected, and what's more a totally independent Environment.UserName function returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that
command into a DOS box (logged on as bonj) it returns a whole list of text
files. I'm suspicous that there's some permissions thing that windows is
hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName
As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password, LOGON32_LOGON_INTERACTIVE, _ LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s + Environment.NewLine If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub

Nov 21 '05 #2

P: n/a
Hi,

Well, the error is correct - there is no executable named "dir" (or dir.exe
or dir.bat etc) in the path. You should execute cmd.exe and then pass "dir"
as argument.

Another point is that the System.IO namespace has ready classes that make
one's life easier when in need to work with the filesystem (eg the static
method GetFiles(string, string) of the System.IO.Directory class returns the
results in the most convinient format - a string array; see:
http://msdn.microsoft.com/library/en...FilesTopic.asp)

Greetings
Martin
"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:33**********************************@microsof t.com...
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then calling w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does any
test project!

I set up this web application, the idea of which being to shell commands on the web server and see the output in a webforms text box, from a remote
machine.
I thought the impersonation worked because all the return values were as
expected, and what's more a totally independent Environment.UserName function returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that
command into a DOS box (logged on as bonj) it returns a whole list of text
files. I'm suspicous that there's some permissions thing that windows is
hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName
As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password, LOGON32_LOGON_INTERACTIVE, _ LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s + Environment.NewLine If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub

Nov 21 '05 #3

P: n/a
No, not really - it's mainly about "XML metabase" whatever that is, there is
a little bit about impersonation but it's a brief section about how to do it
via the config file, which is hardcoded and goes against my principles.

Thanks anyway though

Cheers

Nov 21 '05 #4

P: n/a
No, sorry, I'm not actually running that.
I should have explained that:
The name of the process I'm calling is cmd.exe, retrieved by calling
Environment.GetEnvironmentVariable("comspec")

and the argument is
"/c dir "c:\doucuments and ......./s /b"
and that it works perfectly for directories other than my personal one in
"c:\documents and settings", which is why I titled the post "impersonation
...." rather than something to do with shelling processes.
Thanks anyway

Cheers

"Martin Dechev" wrote:
Hi,

Well, the error is correct - there is no executable named "dir" (or dir.exe
or dir.bat etc) in the path. You should execute cmd.exe and then pass "dir"
as argument.

Another point is that the System.IO namespace has ready classes that make
one's life easier when in need to work with the filesystem (eg the static
method GetFiles(string, string) of the System.IO.Directory class returns the
results in the most convinient format - a string array; see:
http://msdn.microsoft.com/library/en...FilesTopic.asp)

Greetings
Martin
"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:33**********************************@microsof t.com...
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then

calling
w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does any
test project!

I set up this web application, the idea of which being to shell commands

on
the web server and see the output in a webforms text box, from a remote
machine.
I thought the impersonation worked because all the return values were as
expected, and what's more a totally independent Environment.UserName

function
returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that
command into a DOS box (logged on as bonj) it returns a whole list of text
files. I'm suspicous that there's some permissions thing that windows is
hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName
As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password,

LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s +

Environment.NewLine
If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub


Nov 21 '05 #5

P: n/a
Another point is that the System.IO namespace has ready classes that make
one's life easier when in need to work with the filesystem (eg the static
method GetFiles(string, string) of the System.IO.Directory class returns the
results in the most convinient format - a string array; see:
http://msdn.microsoft.com/library/en-
I'm not specifically trying to find out what files are on the drive. I'm
just trying to setup a process whereby I can run whatever command I want *on*
my own PC, *from* any other. The "dir" was just an example command, but then
it led me onto this folder permissions thing...
Yeah, yeah, I could use remoting. But, I could just give ASPNET's process
higher permissions. But I don't want to do that. I want to be sure
impersonation works...


us/cpref/html/frlrfSystemIODirectoryClassGetFilesTopic.asp)
Greetings
Martin
"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:33**********************************@microsof t.com...
Hi
I made a naff web application which uses the impersonation method in MSDN
(can't find it now, but it basically revolves around creating a token by
calling the LogonUser API, calling DuplicateToken API on it, and then

calling
w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm
brutally honest with myself ;-) however it leaves me curious, as does any
test project!

I set up this web application, the idea of which being to shell commands

on
the web server and see the output in a webforms text box, from a remote
machine.
I thought the impersonation worked because all the return values were as
expected, and what's more a totally independent Environment.UserName

function
returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that
command into a DOS box (logged on as bonj) it returns a whole list of text
files. I'm suspicous that there's some permissions thing that windows is
hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName
As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As
String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password,

LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s +

Environment.NewLine
If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub


Nov 21 '05 #6

P: n/a
Forgive me if I am misinterpreting what you are saying.

Running an .exe across a network will not cause it to execute on the machine
where the .exe resides. It will still execute on the machine doing the
calling.

There is a tool in the resourcekit that will allow your to start a process
on another machine. (can't remember the name right now)

There is also a way with Windows Script Host to start a process remotely.

Greg

I'm not specifically trying to find out what files are on the drive. I'm
just trying to setup a process whereby I can run whatever command I want
*on*
my own PC, *from* any other. The "dir" was just an example command, but
then
it led me onto this folder permissions thing...
Yeah, yeah, I could use remoting. But, I could just give ASPNET's process
higher permissions. But I don't want to do that. I want to be sure
impersonation works...

Nov 21 '05 #7

P: n/a
Hi,

Impersonation works. Although running executables and starting batches is
possible, it is not recommended doing it from the webserver because it is a
non-interactive execution - there's noone to respond to dialog boxes,
requested input, etc. It is always better if you can perform the tasks you
need using the provided framework classes or in cases when there is nothing
ready use platform invoke.

Greetings
Martin
"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:1E**********************************@microsof t.com...
Another point is that the System.IO namespace has ready classes that make one's life easier when in need to work with the filesystem (eg the static method GetFiles(string, string) of the System.IO.Directory class returns the results in the most convinient format - a string array; see:
http://msdn.microsoft.com/library/en-
I'm not specifically trying to find out what files are on the drive. I'm
just trying to setup a process whereby I can run whatever command I want

*on* my own PC, *from* any other. The "dir" was just an example command, but then it led me onto this folder permissions thing...
Yeah, yeah, I could use remoting. But, I could just give ASPNET's process
higher permissions. But I don't want to do that. I want to be sure
impersonation works...


us/cpref/html/frlrfSystemIODirectoryClassGetFilesTopic.asp)

Greetings
Martin
"Bonj" <Bo**@discussions.microsoft.com> wrote in message
news:33**********************************@microsof t.com...
Hi
I made a naff web application which uses the impersonation method in MSDN (can't find it now, but it basically revolves around creating a token by calling the LogonUser API, calling DuplicateToken API on it, and then

calling
w.Impersonate() where w is a System.Security.Principal.WindowsIdentity
object). This is the only real point of the said web application if I'm brutally honest with myself ;-) however it leaves me curious, as does any test project!

I set up this web application, the idea of which being to shell commands
on
the web server and see the output in a webforms text box, from a

remote machine.
I thought the impersonation worked because all the return values were as expected, and what's more a totally independent Environment.UserName

function
returned the username I had impersonated. However, when I try to do
"dir "c:\documents and settings\bonj\*.txt" /b /s
from the web application, it returns 'file not found' but when I copy that command into a DOS box (logged on as bonj) it returns a whole list of text files. I'm suspicous that there's some permissions thing that windows is hiding from me. What, though?

The code for the impersonation is this:

Public Class Impersonator
Implements IDisposable

Const LOGON32_LOGON_INTERACTIVE As Int32 = 2
Const LOGON32_PROVIDER_DEFAULT As Int32 = 0
Const SecurityImpersonation As Int32 = 2

Dim impersonationContext As WindowsImpersonationContext

Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUserName As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Int32, _
ByVal dwLogonProvider As Int32, _
ByRef phToken As IntPtr) As Int32
Declare Auto Function DuplicateToken Lib "advapi32.dll" _
(ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Int32, _
ByRef DuplicateTokenHandle As IntPtr) As Int32

Public Function Impersonate(ByVal UserName As String, ByVal Domain As String, ByVal Password As String) As Boolean

Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr
Dim tokenDuplicate As IntPtr

If LogonUser(UserName, Domain, password,

LOGON32_LOGON_INTERACTIVE, _
LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate) impersonationContext = tempWindowsIdentity.Impersonate() Return Not (impersonationContext Is Nothing)
End If
End If
End Function

Public Sub Dispose() Implements System.IDisposable.Dispose
If Not impersonationContext Is Nothing Then
impersonationContext.Undo()
End Sub
End Class
and the code for the cmdCommand click button on the web form is:

Private Sub cmdGo_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles cmdGo.Click
txtResults.Text = ""
Dim p As New Process
Dim psi As New
ProcessStartInfo(Environment.GetEnvironmentVariabl e("comspec"), _
"/c """ + txtCommand.Text + """")
psi.UseShellExecute = False
psi.CreateNoWindow = True
psi.RedirectStandardOutput = True
psi.RedirectStandardError = True
psi.WindowStyle = ProcessWindowStyle.Hidden
p.StartInfo = psi
p.Start()
Dim s As String, err As String
Do
s = p.StandardOutput.ReadLine
err = p.StandardError.ReadLine
If Not s Is Nothing Then txtResults.Text += s +

Environment.NewLine
If Not err Is Nothing Then txtResults.Text += err +
Environment.NewLine
Loop Until s Is Nothing
p.Dispose()
End Sub


Nov 21 '05 #8

This discussion thread is closed

Replies have been disabled for this discussion.