Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-29 Thread J. Merrill
My thought was that you would use your own user/password input mechanism (or the new ASP.NET user authentication controls) to know exactly who the user is, and to determine the proper "remoting identity" (and any other "security level" things). Then you'd call Impersonate to take advantage of r

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-22 Thread gregory young
--- Dominick Baier, DevelopMentor http://www.leastprivilege.com -Original Message- From: Discussion of advanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Itay Zandbank Sent: Mittwoch, 21. Juni 2006 10:48 To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM Subject: [ADVANCED-DOTNET] Prog

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-22 Thread Dominick Baier
ANCED-DOTNET@DISCUSS.DEVELOP.COM Subject: Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0 WindowsIdentity isn't serializable, but an IntPtr probably is. I can keep the token returned by LogonUser in the session. I like it better than the cache, but if that's the only

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-22 Thread Itay Zandbank
A little bit of both. We're going to have a few dozen users, and not all of them are going to be logged on at the same time. I want to know the user's identity for auditing as well, although this is just a happy side effect; I mostly want it to keep things more secure. How can I use Windows

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-22 Thread Itay Zandbank
dvanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Itay Zandbank Sent: Mittwoch, 21. Juni 2006 10:48 To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM Subject: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0 In our web application, we want to impersonate the end user so that its identi

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-21 Thread J. Merrill
Are you needing to have huge numbers of different end-user identities to determine the proper behavior of your remoting code? If the remoting code has just a few levels of access, based on the user's "role" in your app, you could create a few artificial Windows users that correspond to those ro

Re: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-21 Thread Dominick Baier
entor http://www.leastprivilege.com -Original Message- From: Discussion of advanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Itay Zandbank Sent: Mittwoch, 21. Juni 2006 10:48 To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM Subject: [ADVANCED-DOTNET] Programmatic Impersonation in ASP.NE

[ADVANCED-DOTNET] Programmatic Impersonation in ASP.NET 2.0

2006-06-21 Thread Itay Zandbank
In our web application, we want to impersonate the end user so that its identity is carried through to our middle-tier remoting services. We can't use Windows Authentication (the users are located on the internet, with no access to our domain controller), so we need to do the impersonation oursel