
Re: Impersonation using Microsoft Visual C# .NET and Windows 2000


Dominick Baier

Sep 15, 2004, 5:55:52 PM9/15/04
to microsoft.public.dotnet.security
Why didn't you simply use "WindowsIdentity.Impersonate()" ??

---
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

nntp://news.microsoft.com/microsoft.public.dotnet.security/<acd4da3b.04091...@posting.google.com>

"richlm" <ric...@h0tmai1.com> wrote in message news:<#B0m9Fml...@TK2MSFTNGP14.phx.gbl>...
> There were a couple of posts in this newsgroup with a .NET code sample for
> SSPI.
> try:
> http://msdn.microsoft.com/newsgroups/default.aspx?dg=microsoft.public.dotnet.security&lang=en&cr=US
> then search for "SSPI". The last thread (How does LogonUser API work ...)
> includes a code sample.


With this posting, I was able to make an impersonation with Visual
Basic / C#. I had to adapt the code from the posting because it shows
a validation of user data. First, I changed the module to a class.
Then, I added the code which is responsible for impersonation to the
class. And I moved the code from the "FreeResourcesAndExit:" Label in
method SSPValidateUser to the destructor. The full code is given after
the lines with the asterisks.


*********************************************

'Reference: http://groups.google.ch/groups?hl=de&lr=&ie=UTF-8&selm=59EFE674-3838-4AF0-8EA4-AB8CD20D5BBF%40microsoft.com

Imports System.Runtime.InteropServices

' SSPIImpersonation: validates a user name / domain / password by running
' both sides of an NTLM SSPI handshake inside this process (GenClientContext
' and GenServerContext), then lets the caller impersonate the validated
' user on the current thread via the server-side security context.
'
' NOTE(review): the class declares Dispose() but does not implement
' IDisposable and has no Finalize, so nothing calls Dispose automatically;
' the caller must invoke it to release the SSPI handles and heap buffers.
' NOTE(review): every handle and pointer is declared As Integer (32-bit),
' so the declarations below only match the native structures in a
' 32-bit process.
Public Class SSPIImpersonation

' HeapAlloc flag: zero the allocated block.
Private Const HEAP_ZERO_MEMORY As Integer = &H8

' SEC_WINNT_AUTH_IDENTITY.Flags: strings are ANSI (matches the "A" entry points used below).
Private Const SEC_WINNT_AUTH_IDENTITY_ANSI As Integer = &H1

' SecBuffer.BufferType for a security token buffer.
Private Const SECBUFFER_TOKEN As Integer = &H2

' TargetDataRep passed to Initialize/AcceptSecurityContext.
Private Const SECURITY_NATIVE_DREP As Integer = &H10

' fCredentialUse: the client (outbound) and server (inbound) sides of the handshake.
Private Const SECPKG_CRED_INBOUND As Integer = &H1
Private Const SECPKG_CRED_OUTBOUND As Integer = &H2

' Informational (non-negative) SSPI return codes. Errors are negative,
' which is why the code below tests "ss < 0" for failure.
Private Const SEC_I_CONTINUE_NEEDED As Integer = &H90312
Private Const SEC_I_COMPLETE_NEEDED As Integer = &H90313
Private Const SEC_I_COMPLETE_AND_CONTINUE As Integer = &H90314

' OSVersion.Platform value for the Windows NT family.
Private Const VER_PLATFORM_WIN32_NT As Integer = &H2

' Process-heap buffers (cbMaxToken bytes each) holding the client and
' server token messages; freed in Dispose().
Private intClientBuf As Integer
Private intServerBuf As Integer
' Handshake state for the in-process client and server sides.
' asServer.hctxt is the context later used by ImpersonateUser/RevertUser.
Private asClient As AUTH_SEQ = Nothing
Private asServer As AUTH_SEQ = Nothing

' Mirror of the native SecPkgInfo; only cbMaxToken is read here.
' Name/Comment are native string pointers, declared as Integer.
Private Structure SecPkgInfo
Dim fCapabilities As Integer
Dim wVersion As Short
Dim wRPCID As Short
Dim cbMaxToken As Integer
Dim Name As Integer
Dim Comment As Integer
End Structure

' Opaque SSPI credential / context handle.
Private Structure SecHandle
Dim dwLower As Integer
Dim dwUpper As Integer
End Structure

' Per-side handshake bookkeeping: which handles have been acquired and
' therefore need releasing in Dispose().
Private Structure AUTH_SEQ
Dim fInitialized As Boolean
Dim fHaveCredHandle As Boolean
Dim fHaveCtxtHandle As Boolean
Dim hcred As SecHandle
Dim hctxt As SecHandle
End Structure

' Explicit credentials handed to AcquireCredentialsHandle.
' NOTE(review): Password is kept as a managed String, which cannot be
' zeroed after use and stays in memory until garbage-collected.
Private Structure SEC_WINNT_AUTH_IDENTITY
Dim User As String
Dim UserLength As Integer
Dim Domain As String
Dim DomainLength As Integer
Dim Password As String
Dim PasswordLength As Integer
Dim Flags As Integer
End Structure

' Credential/context expiry time returned by SSPI; not inspected here.
Private Structure TimeStamp
Dim LowPart As Integer
Dim HighPart As Integer
End Structure

' One token buffer: length, type (SECBUFFER_TOKEN) and pointer to the data.
Private Structure SecBuffer
Dim cbBuffer As Integer
Dim BufferType As Integer
Dim pvBuffer As Integer
End Structure

' Descriptor pointing at an array of SecBuffer (always one buffer here).
Private Structure SecBufferDesc
Dim ulVersion As Integer
Dim cBuffers As Integer
Dim pBuffers As Integer
End Structure

' RtlMoveMemory overloads used to marshal SecBuffer / SecPkgInfo to and
' from unmanaged memory. (Lines below are wrapped as posted.)
Private Declare Sub CopyMemory Lib "kernel32" Alias
"RtlMoveMemory" (ByVal Destination As Integer, ByRef Source As
SecBuffer, ByVal Length As Integer)
Private Declare Sub CopyMemory Lib "kernel32" Alias
"RtlMoveMemory" (ByRef Destination As SecBuffer, ByVal Source As
Integer, ByVal Length As Integer)
Private Declare Sub CopyMemory Lib "kernel32" Alias
"RtlMoveMemory" (ByRef Destination As SecPkgInfo, ByVal Source As
Integer, ByVal Length As Integer)

' Each SSPI entry point is declared twice: the NT4* variant from
' "security.dll" (selected when g_NT4 is True) and the "secur32.dll"
' variant for later Windows versions.
Private Declare Function NT4QuerySecurityPackageInfo Lib
"security" Alias "QuerySecurityPackageInfoA" (ByVal PackageName As
String, ByRef pPackageInfo As Integer) As Integer
Private Declare Function QuerySecurityPackageInfo Lib "secur32"
Alias "QuerySecurityPackageInfoA" (ByVal PackageName As String, ByRef
pPackageInfo As Integer) As Integer

Private Declare Function NT4FreeContextBuffer Lib "security" Alias
"FreeContextBuffer" (ByVal pvContextBuffer As Integer) As Integer
Private Declare Function FreeContextBuffer Lib "secur32" (ByVal
pvContextBuffer As Integer) As Integer

' InitializeSecurityContext: variant taking an existing context and
' input buffer (used on the second client leg).
Private Declare Function NT4InitializeSecurityContext Lib
"security" Alias "InitializeSecurityContextA" _
(ByRef phCredential As SecHandle, ByRef phContext As
SecHandle, _
ByVal pszTargetName As Integer, ByVal fContextReq As
Integer, _
ByVal Reserved1 As Integer, ByVal TargetDataRep As
Integer, _
ByRef pInput As SecBufferDesc, ByVal Reserved2 As Integer,
_
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function InitializeSecurityContext Lib "secur32" _
Alias "InitializeSecurityContextA" _
(ByRef phCredential As SecHandle, ByRef phContext As
SecHandle, _
ByVal pszTargetName As Integer, ByVal fContextReq As
Integer, _
ByVal Reserved1 As Integer, ByVal TargetDataRep As
Integer, _
ByRef pInput As SecBufferDesc, ByVal Reserved2 As Integer,
_
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

' InitializeSecurityContext: "2" variant where phContext and pInput are
' passed as Integer so NULL (0&) can be supplied on the first client leg.
Private Declare Function NT4InitializeSecurityContext2 Lib
"security" Alias "InitializeSecurityContextA" _
(ByRef phCredential As SecHandle, ByVal phContext As
Integer, _
ByVal pszTargetName As Integer, ByVal fContextReq As
Integer, _
ByVal Reserved1 As Integer, ByVal TargetDataRep As
Integer, _
ByVal pInput As Integer, ByVal Reserved2 As Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function InitializeSecurityContext2 Lib "secur32"
Alias "InitializeSecurityContextA" _
(ByRef phCredential As SecHandle, ByVal phContext As
Integer, _
ByVal pszTargetName As Integer, ByVal fContextReq As
Integer, _
ByVal Reserved1 As Integer, ByVal TargetDataRep As
Integer, _
ByVal pInput As Integer, ByVal Reserved2 As Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

' AcquireCredentialsHandle with explicit SEC_WINNT_AUTH_IDENTITY (client side).
Private Declare Function NT4AcquireCredentialsHandle Lib
"security" Alias "AcquireCredentialsHandleA" _
(ByVal pszPrincipal As Integer, _
ByVal pszPackage As String, ByVal fCredentialUse As
Integer, _
ByVal pvLogonId As Integer, _
ByRef pAuthData As SEC_WINNT_AUTH_IDENTITY, _
ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As
Integer, _
ByRef phCredential As SecHandle, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function AcquireCredentialsHandle Lib "secur32"
Alias "AcquireCredentialsHandleA" _
(ByVal pszPrincipal As Integer, _
ByVal pszPackage As String, ByVal fCredentialUse As
Integer, _
ByVal pvLogonId As Integer, _
ByRef pAuthData As SEC_WINNT_AUTH_IDENTITY, _
ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As
Integer, _
ByRef phCredential As SecHandle, ByRef ptsExpiry As
TimeStamp) As Integer

' AcquireCredentialsHandle "2" variant: pAuthData as Integer so NULL can
' be passed (server side uses the process's own credentials).
Private Declare Function NT4AcquireCredentialsHandle2 Lib
"security" Alias "AcquireCredentialsHandleA" _
(ByVal pszPrincipal As Integer, _
ByVal pszPackage As String, ByVal fCredentialUse As
Integer, _
ByVal pvLogonId As Integer, ByVal pAuthData As Integer, _
ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As
Integer, _
ByRef phCredential As SecHandle, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function AcquireCredentialsHandle2 Lib "secur32"
Alias "AcquireCredentialsHandleA" _
(ByVal pszPrincipal As Integer, _
ByVal pszPackage As String, ByVal fCredentialUse As
Integer, _
ByVal pvLogonId As Integer, ByVal pAuthData As Integer, _
ByVal pGetKeyFn As Integer, ByVal pvGetKeyArgument As
Integer, _
ByRef phCredential As SecHandle, ByRef ptsExpiry As
TimeStamp) As Integer


' AcceptSecurityContext with an existing server context (second server leg).
Private Declare Function NT4AcceptSecurityContext Lib "security"
Alias "AcceptSecurityContext" _
(ByRef phCredential As SecHandle, _
ByRef phContext As SecHandle, ByRef pInput As
SecBufferDesc, _
ByVal fContextReq As Integer, ByVal TargetDataRep As
Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function AcceptSecurityContext Lib "secur32" _
(ByRef phCredential As SecHandle, _
ByRef phContext As SecHandle, ByRef pInput As
SecBufferDesc, _
ByVal fContextReq As Integer, ByVal TargetDataRep As
Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer


' Impersonate / revert the client on the calling thread using the
' server-side context.
Private Declare Function NT4ImpersonateSecurityContext Lib
"security" Alias "ImpersonateSecurityContext" _
(ByRef phContext As SecHandle) As Integer

Private Declare Function ImpersonateSecurityContext Lib "secur32"
_
(ByRef phContext As SecHandle) As Integer


Private Declare Function NT4RevertSecurityContext Lib "security"
Alias "RevertSecurityContext" _
(ByRef phContext As SecHandle) As Integer

Private Declare Function RevertSecurityContext Lib "secur32" _
(ByRef phContext As SecHandle) As Integer


' AcceptSecurityContext "2" variant: phContext as Integer so NULL can be
' passed on the first server leg.
Private Declare Function NT4AcceptSecurityContext2 Lib "security"
Alias "AcceptSecurityContext" _
(ByRef phCredential As SecHandle, _
ByVal phContext As Integer, ByRef pInput As SecBufferDesc,
_
ByVal fContextReq As Integer, ByVal TargetDataRep As
Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer

Private Declare Function AcceptSecurityContext2 Lib "secur32"
Alias "AcceptSecurityContext" _
(ByRef phCredential As SecHandle, _
ByVal phContext As Integer, ByRef pInput As SecBufferDesc,
_
ByVal fContextReq As Integer, ByVal TargetDataRep As
Integer, _
ByRef phNewContext As SecHandle, ByRef pOutput As
SecBufferDesc, _
ByRef pfContextAttr As Integer, ByRef ptsExpiry As
TimeStamp) As Integer


' Called when Initialize/Accept return SEC_I_COMPLETE_NEEDED or
' SEC_I_COMPLETE_AND_CONTINUE.
Private Declare Function NT4CompleteAuthToken Lib "security" Alias
"CompleteAuthToken" _
(ByRef phContext As SecHandle, _
ByRef pToken As SecBufferDesc) As Integer
Private Declare Function CompleteAuthToken Lib "secur32" _
(ByRef phContext As SecHandle, _
ByRef pToken As SecBufferDesc) As Integer

' Handle release functions used by Dispose().
Private Declare Function NT4DeleteSecurityContext Lib "security" _
Alias "DeleteSecurityContext" (ByRef phContext As
SecHandle) _
As Integer
Private Declare Function DeleteSecurityContext Lib "secur32" _
(ByRef phContext As SecHandle) _
As Integer

Private Declare Function NT4FreeCredentialsHandle Lib "security" _
Alias "FreeCredentialsHandle" (ByRef phContext As
SecHandle) _
As Integer
Private Declare Function FreeCredentialsHandle Lib "secur32" _
(ByRef phContext As SecHandle) _
As Integer

' Process-heap allocation used for the token buffers and SecBuffer arrays.
Private Declare Function GetProcessHeap Lib "kernel32" () As
Integer

Private Declare Function HeapAlloc Lib "kernel32" _
(ByVal hHeap As Integer, ByVal dwFlags As Integer, _
ByVal dwBytes As Integer) As Integer

Private Declare Function HeapFree Lib "kernel32" (ByVal hHeap As
Integer, _
ByVal dwFlags As Integer, ByVal lpMem As Integer) As
Integer

' True when running on Windows NT 4.0 or earlier; selects the NT4*
' ("security.dll") entry points. Set in SSPValidateUser.
Dim g_NT4 As Boolean


' Runs the credential check for accountname/domain/password immediately.
' NOTE(review): the result is only written to the console, not stored;
' a caller cannot tell from the object whether validation succeeded,
' and ImpersonateUser can still be called afterwards (it then reports
' an error through its return code because asServer.hctxt was never set).
Public Sub New(ByVal accountname As String, ByVal password As
String, ByVal domain As String)

If SSPValidateUser(accountname, domain, password) Then
Console.Write("User Credential are valid" + vbCrLf)
Else
Console.Write("User Credential couldn't be validated" +
vbCrLf)
End If
End Sub

' Releases the SSPI context/credential handles of both sides and the two
' heap token buffers. Must be called explicitly: the class neither
' implements IDisposable nor defines Finalize.
Public Overridable Sub Dispose()
' Clean up resources
If asClient.fHaveCtxtHandle Then
If g_NT4 Then
NT4DeleteSecurityContext(asClient.hctxt)
Else
DeleteSecurityContext(asClient.hctxt)
End If
End If

If asClient.fHaveCredHandle Then
If g_NT4 Then
NT4FreeCredentialsHandle(asClient.hcred)
Else
FreeCredentialsHandle(asClient.hcred)
End If
End If

If asServer.fHaveCtxtHandle Then
If g_NT4 Then
NT4DeleteSecurityContext(asServer.hctxt)
Else
DeleteSecurityContext(asServer.hctxt)
End If
End If

If asServer.fHaveCredHandle Then
If g_NT4 Then
NT4FreeCredentialsHandle(asServer.hcred)
Else
FreeCredentialsHandle(asServer.hcred)
End If
End If

If intClientBuf <> 0 Then
HeapFree(GetProcessHeap(), 0, intClientBuf)
End If

If intServerBuf <> 0 Then
HeapFree(GetProcessHeap(), 0, intServerBuf)
End If
End Sub


' Performs one client leg of the NTLM handshake.
'   AuthSeq      - client-side state; credential handle is acquired on
'                  the first call (fInitialized = False), context on every call.
'   AuthIdentity - explicit user/domain/password used for the credential handle.
'   pIn, cbIn    - input token from the server (ignored on the first call).
'   pOut         - caller-supplied output buffer; cbOut is the capacity on
'                  entry and the produced token length on return.
'   fDone        - set True when the package reports the handshake is complete.
' Returns False on any negative SSPI status. Temporary SecBuffer arrays
' are released at FreeResourcesAndExit on both success and failure paths.
Private Function GenClientContext(ByRef AuthSeq As AUTH_SEQ, _
ByRef AuthIdentity As SEC_WINNT_AUTH_IDENTITY, _
ByVal pIn As Integer, ByVal cbIn As Integer, _
ByVal pOut As Integer, ByRef cbOut As Integer, _
ByRef fDone As Boolean) As Boolean

Dim ss As Integer
Dim tsExpiry As TimeStamp
Dim sbdOut As SecBufferDesc
Dim sbOut As SecBuffer
Dim sbdIn As SecBufferDesc
Dim sbIn As SecBuffer
Dim fContextAttr As Integer

GenClientContext = False

If Not AuthSeq.fInitialized Then
If g_NT4 Then
ss = NT4AcquireCredentialsHandle(0&, "NTLM", _
SECPKG_CRED_OUTBOUND, 0&, AuthIdentity, 0&,
0&, _
AuthSeq.hcred, tsExpiry)
Else
ss = AcquireCredentialsHandle(0&, "NTLM", _
SECPKG_CRED_OUTBOUND, 0&, AuthIdentity, 0&,
0&, _
AuthSeq.hcred, tsExpiry)
End If

' Negative status = SSPI error; nothing allocated yet, so plain exit.
If ss < 0 Then
Exit Function
End If

AuthSeq.fHaveCredHandle = True
End If

' Prepare output buffer
' NOTE(review): the HeapAlloc result is not checked; a 0 return would be
' passed straight to CopyMemory below.
sbdOut.ulVersion = 0
sbdOut.cBuffers = 1
sbdOut.pBuffers = HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY, Marshal.SizeOf(sbOut))

sbOut.cbBuffer = cbOut
sbOut.BufferType = SECBUFFER_TOKEN
sbOut.pvBuffer = pOut

CopyMemory(sbdOut.pBuffers, sbOut, Marshal.SizeOf(sbOut))

' Prepare input buffer
' Only on the second leg; on the first leg sbdIn.pBuffers stays 0 and
' the "2" entry point is called with a NULL input descriptor.
If AuthSeq.fInitialized Then
sbdIn.ulVersion = 0
sbdIn.cBuffers = 1
sbdIn.pBuffers = HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY, Marshal.SizeOf(sbIn))

sbIn.cbBuffer = cbIn
sbIn.BufferType = SECBUFFER_TOKEN
sbIn.pvBuffer = pIn

CopyMemory(sbdIn.pBuffers, sbIn, Marshal.SizeOf(sbIn))
End If

If AuthSeq.fInitialized Then
If g_NT4 Then
ss = NT4InitializeSecurityContext(AuthSeq.hcred, _
AuthSeq.hctxt, 0&, 0, 0, SECURITY_NATIVE_DREP,
sbdIn, _
0, AuthSeq.hctxt, sbdOut, fContextAttr,
tsExpiry)
Else
ss = InitializeSecurityContext(AuthSeq.hcred, _
AuthSeq.hctxt, 0&, 0, 0, SECURITY_NATIVE_DREP,
sbdIn, _
0, AuthSeq.hctxt, sbdOut, fContextAttr,
tsExpiry)
End If
Else
If g_NT4 Then
ss = NT4InitializeSecurityContext2(AuthSeq.hcred, 0&,
0&, _
0, 0, SECURITY_NATIVE_DREP, 0&, 0,
AuthSeq.hctxt, _
sbdOut, fContextAttr, tsExpiry)
Else
ss = InitializeSecurityContext2(AuthSeq.hcred, 0&, 0&,
_
0, 0, SECURITY_NATIVE_DREP, 0&, 0,
AuthSeq.hctxt, _
sbdOut, fContextAttr, tsExpiry)
End If
End If

If ss < 0 Then
GoTo FreeResourcesAndExit
End If

AuthSeq.fHaveCtxtHandle = True

' If necessary, complete token
If ss = SEC_I_COMPLETE_NEEDED Or ss =
SEC_I_COMPLETE_AND_CONTINUE Then
If g_NT4 Then
ss = NT4CompleteAuthToken(AuthSeq.hctxt, sbdOut)
Else
ss = CompleteAuthToken(AuthSeq.hctxt, sbdOut)
End If

If ss < 0 Then
GoTo FreeResourcesAndExit
End If
End If

' Read back the SecBuffer the package filled in to learn the token length.
CopyMemory(sbOut, sbdOut.pBuffers, Marshal.SizeOf(sbOut))
cbOut = sbOut.cbBuffer

If Not AuthSeq.fInitialized Then
AuthSeq.fInitialized = True
End If

' Handshake is finished unless the package asks for another round trip.
fDone = Not (ss = SEC_I_CONTINUE_NEEDED Or ss =
SEC_I_COMPLETE_AND_CONTINUE)

GenClientContext = True

FreeResourcesAndExit:

' Both paths (success and GoTo on error) fall through here to release
' the SecBuffer arrays; the token buffers themselves belong to the caller.
If sbdOut.pBuffers <> 0 Then
HeapFree(GetProcessHeap(), 0, sbdOut.pBuffers)
End If

If sbdIn.pBuffers <> 0 Then
HeapFree(GetProcessHeap(), 0, sbdIn.pBuffers)
End If
End Function

' Performs one server leg of the NTLM handshake, mirroring GenClientContext.
' The server credential handle is acquired with a NULL pAuthData (the
' process's own identity); the input token is required on every call.
'   AuthSeq     - server-side state; AuthSeq.hctxt is what ImpersonateUser uses.
'   pIn, cbIn   - client token; pOut/cbOut - output buffer and capacity/length.
'   fDone       - True when the package reports the handshake is complete.
' Returns False on any negative SSPI status.
Private Function GenServerContext(ByRef AuthSeq As AUTH_SEQ, _
ByVal pIn As Integer, ByVal cbIn As Integer, _
ByVal pOut As Integer, ByRef cbOut As Integer, _
ByRef fDone As Boolean) As Boolean

Dim ss As Integer
Dim tsExpiry As TimeStamp
Dim sbdOut As SecBufferDesc
Dim sbOut As SecBuffer
Dim sbdIn As SecBufferDesc
Dim sbIn As SecBuffer
Dim fContextAttr As Integer

GenServerContext = False

If Not AuthSeq.fInitialized Then
If g_NT4 Then
ss = NT4AcquireCredentialsHandle2(0&, "NTLM", _
SECPKG_CRED_INBOUND, 0&, 0&, 0&, 0&,
AuthSeq.hcred, _
tsExpiry)
Else
ss = AcquireCredentialsHandle2(0&, "NTLM", _
SECPKG_CRED_INBOUND, 0&, 0&, 0&, 0&,
AuthSeq.hcred, _
tsExpiry)
End If

If ss < 0 Then
Exit Function
End If

AuthSeq.fHaveCredHandle = True
End If

' Prepare output buffer
' NOTE(review): HeapAlloc results are not checked here either.
sbdOut.ulVersion = 0
sbdOut.cBuffers = 1
sbdOut.pBuffers = HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY, Marshal.SizeOf(sbOut))

sbOut.cbBuffer = cbOut
sbOut.BufferType = SECBUFFER_TOKEN
sbOut.pvBuffer = pOut

CopyMemory(sbdOut.pBuffers, sbOut, Marshal.SizeOf(sbOut))

' Prepare input buffer
sbdIn.ulVersion = 0
sbdIn.cBuffers = 1
sbdIn.pBuffers = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
Marshal.SizeOf(sbIn))

sbIn.cbBuffer = cbIn
sbIn.BufferType = SECBUFFER_TOKEN
sbIn.pvBuffer = pIn

CopyMemory(sbdIn.pBuffers, sbIn, Marshal.SizeOf(sbIn))

If AuthSeq.fInitialized Then
If g_NT4 Then
ss = NT4AcceptSecurityContext(AuthSeq.hcred,
AuthSeq.hctxt, _
sbdIn, 0, SECURITY_NATIVE_DREP, AuthSeq.hctxt,
sbdOut, _
fContextAttr, tsExpiry)
Else
ss = AcceptSecurityContext(AuthSeq.hcred,
AuthSeq.hctxt, _
sbdIn, 0&, SECURITY_NATIVE_DREP,
AuthSeq.hctxt, sbdOut, _
fContextAttr, tsExpiry)
End If
Else
If g_NT4 Then
ss = NT4AcceptSecurityContext2(AuthSeq.hcred, 0&,
sbdIn, 0, _
SECURITY_NATIVE_DREP, AuthSeq.hctxt, sbdOut, _
fContextAttr, tsExpiry)
Else
ss = AcceptSecurityContext2(AuthSeq.hcred, 0&, sbdIn,
0, _
SECURITY_NATIVE_DREP, AuthSeq.hctxt, sbdOut, _
fContextAttr, tsExpiry)
End If
End If

If ss < 0 Then
GoTo FreeResourcesAndExit
End If

AuthSeq.fHaveCtxtHandle = True

' If necessary, complete token
If ss = SEC_I_COMPLETE_NEEDED Or ss =
SEC_I_COMPLETE_AND_CONTINUE Then
If g_NT4 Then
ss = NT4CompleteAuthToken(AuthSeq.hctxt, sbdOut)
Else
ss = CompleteAuthToken(AuthSeq.hctxt, sbdOut)
End If

If ss < 0 Then
GoTo FreeResourcesAndExit
End If
End If

CopyMemory(sbOut, sbdOut.pBuffers, Marshal.SizeOf(sbOut))
cbOut = sbOut.cbBuffer

If Not AuthSeq.fInitialized Then
AuthSeq.fInitialized = True
End If

fDone = Not (ss = SEC_I_CONTINUE_NEEDED Or ss =
SEC_I_COMPLETE_AND_CONTINUE)

GenServerContext = True

FreeResourcesAndExit:

If sbdOut.pBuffers <> 0 Then
HeapFree(GetProcessHeap(), 0, sbdOut.pBuffers)
End If

If sbdIn.pBuffers <> 0 Then
HeapFree(GetProcessHeap(), 0, sbdIn.pBuffers)
End If

End Function

' Validates User/Domain/Password by driving a complete two-round NTLM
' handshake between an in-process client (explicit credentials) and an
' in-process server. Returns True only if all four legs succeed.
' Side effects: sets g_NT4, asClient, asServer, intClientBuf and
' intServerBuf; these are released by Dispose(), not here.
' NOTE(review): the return values of QuerySecurityPackageInfo are not
' checked, so if it fails pSPI stays 0 and CopyMemory reads from a null
' pointer; consider treating a negative status or pSPI = 0 as failure.
Private Function SSPValidateUser(ByVal User As String, ByVal
Domain As String, ByVal Password As String) As Boolean
Dim pSPI As Integer
Dim SPI As SecPkgInfo
Dim cbMaxToken As Integer


Dim ai As SEC_WINNT_AUTH_IDENTITY

asClient = Nothing
asServer = Nothing
intClientBuf = 0
intServerBuf = 0

Dim cbIn As Integer
Dim cbOut As Integer
Dim fDone As Boolean

SSPValidateUser = False

' Determine if system is Windows NT (version 4.0 or earlier)
g_NT4 = (System.Environment.OSVersion.Platform =
VER_PLATFORM_WIN32_NT And System.Environment.OSVersion.Version.Major
<= 4)

' Get max token size
If g_NT4 Then
NT4QuerySecurityPackageInfo("NTLM", pSPI)
Else
QuerySecurityPackageInfo("NTLM", pSPI)
End If

CopyMemory(SPI, pSPI, Marshal.SizeOf(SPI))
cbMaxToken = SPI.cbMaxToken

If g_NT4 Then
NT4FreeContextBuffer(pSPI)
Else
FreeContextBuffer(pSPI)
End If

' Allocate buffers for client and server messages
' Each is cbMaxToken bytes, the largest token NTLM reports it may produce.
intClientBuf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
cbMaxToken)
If intClientBuf = 0 Then
GoTo FreeResourcesAndExit
End If

intServerBuf = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
cbMaxToken)
If intServerBuf = 0 Then
GoTo FreeResourcesAndExit
End If

' Initialize auth identity structure
' Lengths are character counts; Flags selects the ANSI layout to match
' the "A" entry points declared above.
ai.Domain = Domain
ai.DomainLength = Domain.Length
ai.User = User
ai.UserLength = User.Length
ai.Password = Password
ai.PasswordLength = Password.Length
ai.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI

' Prepare client message (negotiate) .
cbOut = cbMaxToken
If Not GenClientContext(asClient, ai, 0, 0, intClientBuf,
cbOut, fDone) Then
GoTo FreeResourcesAndExit
End If

' Prepare server message (challenge) .
cbIn = cbOut
cbOut = cbMaxToken
If Not GenServerContext(asServer, intClientBuf, cbIn,
intServerBuf, cbOut, fDone) Then
GoTo FreeResourcesAndExit
End If

' Prepare client message (authenticate) .
cbIn = cbOut
cbOut = cbMaxToken
If Not GenClientContext(asClient, ai, intServerBuf, cbIn,
intClientBuf, cbOut, fDone) Then
GoTo FreeResourcesAndExit
End If

' Prepare server message (authentication) .
cbIn = cbOut
cbOut = cbMaxToken
If Not GenServerContext(asServer, intClientBuf, cbIn,
intServerBuf, cbOut, fDone) Then
GoTo FreeResourcesAndExit
End If

SSPValidateUser = True

FreeResourcesAndExit:
' Cleanup of handles and buffers now lives in Dispose(); on failure the
' partially-built state is left for Dispose() to release.
End Function

' Impersonates, on the calling thread, the user whose credentials were
' given in the constructor, using the server-side security context.
' Use the function RevertUser to drop the impersonation and return to
' the thread's original identity.
' Returns SEC_E_OK if no error occurred, SEC_E_INVALID_HANDLE if
' no impersonation could take place (e.g. validation never established
' asServer.hctxt). The caller must check the return value: nothing
' here throws on failure.
Function ImpersonateUser() As Integer
Dim ss As Integer

If g_NT4 Then
ss = NT4ImpersonateSecurityContext(asServer.hctxt)
Else
ss = ImpersonateSecurityContext(asServer.hctxt)
End If

ImpersonateUser = ss
End Function

' Ends the impersonation started by ImpersonateUser and restores the
' calling thread's original identity.
' Returns SEC_E_OK if no error occurred, SEC_E_INVALID_HANDLE if
' no revert could take place. Like ImpersonateUser, failure is reported
' only through the return value.
Public Function RevertUser() As Integer
Dim ss As Integer

If g_NT4 Then
ss = NT4RevertSecurityContext(asServer.hctxt)
Else
ss = RevertSecurityContext(asServer.hctxt)
End If

RevertUser = ss
End Function

End Class


richlm

Sep 20, 2004, 7:10:22 AM9/20/04
to
The original post related to the problem of using
WindowsIdentity.Impersonate with the token returned from Win32 LogonUser()
function. On Win2K this requires SE_TCB privilege (act as part of the
operating system).

