I currently have a VB Webservice that opens, edits and saves an MS Word 2003 document via impersonation (my code is below, for those searching for impersonation techniques).
Everything works fine, what I would like to know is if there is a better way of manipulating an MS Word 2003 document without using impersonation? Due to security reasons, I am hoping to find a better way of approaching this.
I would highly appreciate it if you could help me out on this (if it is even possible!)
Thanks a lot
Rossouw de Bruin
Code:
Expand|Select|Wrap|Line Numbers
- ' Values used by the LogonUser function's logonType parameter
- Public Enum LogonType
- LOGON32_LOGON_INTERACTIVE = 2
- LOGON32_LOGON_NETWORK = 3
- LOGON32_LOGON_BATCH = 4
- LOGON32_LOGON_SERVICE = 5
- LOGON32_LOGON_UNLOCK = 7
- LOGON32_LOGON_NETWORK_CLEARTEXT = 8
- LOGON32_LOGON_NEW_CREDENTIALS = 9
- End Enum
- ' Values used by the LogonUser function's logonProvider parameter
- Public Enum LogonProvider
- LOGON32_PROVIDER_DEFAULT = 0
- LOGON32_PROVIDER_WINNT35 = 1
- LOGON32_PROVIDER_WINNT40 = 2
- LOGON32_PROVIDER_WINNT50 = 3
- End Enum
- Declare Function LogonUser Lib "advapi32.dll" Alias _
- "LogonUserA" ( ByVal username As String, _
- ByVal domain As String, _
- ByVal password As String, _
- ByVal logonType As LogonType, _
- ByVal logonProvider As LogonProvider, _
- ByRef token As IntPtr _
- ) As Integer
- Public Sub LetterTemplate()
- Dim username As String = "username"
- Dim domain As String = "domain"
- Dim password As String = "password"
- ' A handle to the user who will be impersonated
- Dim token As IntPtr
- ' Log the user into Windows.
- Dim bLogonSuccessful As Boolean = Convert.ToBoolean( _
- LogonUser( _
- username, domain, password, _
- LogonType.LOGON32_LOGON_NETWORK, _
- LogonProvider.LOGON32_PROVIDER_DEFAULT, token))
- If Not bLogonSuccessful Then
- "Return something"
- End If
- ' Create a WindowsIdentity object that represents the logged-in user.
- Dim ident As New System.Security.Principal.WindowsIdentity(token)
- ' Impersonate the user.
- Dim ctx As System.Security.Principal.WindowsImpersonationContext = ident.Impersonate()
- '...... some other code
- 'Release the impersonation
- ctx.Undo()
- End Sub