How to impersonate windows authenticated user
public class ImpersonatedUser : IDisposable
using System;
using System.Globalization;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Principal;
using System.Web.SessionState;
using EPiServer.Security;
namespace EPiServer
{
public class ImpersonatedWindowsUser
{
const int SecurityImpersonation = 2;
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
public const string SessionImpersonateWindowsUser =
"ImpersonatedWindowsUser";
[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("advapi32.dll",
SetLastError = true,
CharSet =
CharSet.Unicode)]
internal extern static bool LogonUser(
String userName,
String domain,
String password,
int logOnType,
int logOnProvider,
ref IntPtr token);
private string _logonDoamin;
private WindowsImpersonationContext _orginalWindowsUser;
private WindowsIdentity _impersonatedWindowsIdentity;
private IPrincipal _originalWindowsPrincipal;
public ImpersonatedWindowsUser(string logonDomain, string logonName)
{
Name = logonName;
_logonDoamin = logonDomain;
}
public bool LogOn(string password)
{
IntPtr tokenHandle = new IntPtr(0);
try
{
bool ret = LogonUser(
Name,
_logonDoamin,
password,
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,
ref tokenHandle);
if (ret)
{
_impersonatedWindowsIdentity =
new WindowsIdentity(tokenHandle);
}
return ret;
}
catch (ArgumentException ex)
{
throw new Exception("Can't logon windows user", ex);
}
catch (SecurityException ex)
{
throw new Exception("Can't logon windows user", ex);
}
}
public string ReturnHref { get; set; }
public string Name { get; private set; }
public void Impersonate()
{
if (_impersonatedWindowsIdentity == null)
{
throw new Exception(
String.Format(CultureInfo.InvariantCulture,
"Can't impersonate to a not logged on user '{0}\\{1}'",
_logonDoamin, Name));
}
_originalWindowsPrincipal = PrincipalInfo.CurrentPrincipal;
PrincipalInfo.CurrentPrincipal =
new WindowsPrincipal(_impersonatedWindowsIdentity);
_orginalWindowsUser = _impersonatedWindowsIdentity.Impersonate();
}
public void StoreInSession(HttpSessionState session)
{
if (LoadFromSession(session) != null)
{
throw new Exception("Can't impersonate a impersonated user");
}
session[SessionImpersonateWindowsUser] = this;
}
public void LogOff(HttpSessionState session)
{
_orginalWindowsUser.Undo();
session[SessionImpersonateWindowsUser] = null;
EPiServer.Security.PrincipalInfo.CurrentPrincipal =
_originalWindowsPrincipal;
}
static public ImpersonatedWindowsUser LoadFromSession(
HttpSessionState session)
{
return session[SessionImpersonateWindowsUser]
as ImpersonatedWindowsUser;
}
#region IDisposable Members
private bool _disposed;
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
private void Dispose(bool disposing)
{
if (!_disposed)
{
if (_impersonatedWindowsIdentity != null)
{
_impersonatedWindowsIdentity.Dispose();
}
if (_orginalWindowsUser != null)
{
_orginalWindowsUser.Undo();
}
_disposed = true;
}
}
~ImpersonatedWindowsUser()
{
Dispose(false);
}
#endregion
}
}