Multiuser login into winforms application
Question
i have a winforms app in C# that needs access control for certain forms. That means, the application is running under the same (default) user at system startup, but certain forms need to be secured, so that only certain windows users could have access to the additional functions after identifying themself with username and password. For that step windows authentication should be used.
Now the tricky part. Although the application was started under a "normal" user I would like the superusers to "login" into the special form without restarting the entiere application.
My question now is. Is this possible (ie create one thread with the credentials of an administrator). Or do I need to setup another appdomain for that?
Please give me a hint wather the user of a running application could be changed somehow.
Thank you.
EDIT
I replaced administrators by "certain users" since the privileged user could be just another ordinary user that is granted access to the special functionality by the configuration of the installation.
3 answers
solution1
1 ACCPTED 2010-10-11 02:15:30
You have to put those forms or functionality which requires elevated permissions into a new AppDomain which is started with elevated permissions. You can create the domain once, when required and keep it around. Into this new AppDomain, you will load the necessary code modules which will contain the processes you need to run. You'll have to pass any necessary state or configuration across the AppDomain boundary since it's essentially a different process within your current process. The nice thing is that you can keep the AppDomain around after a while. It's not like a thread that runs and goes away when its done, so you can use it on-demand later for additional tasks. The magic is in how you pass the credentials or evidence to the new AppDomain (or process).
solution2
0
Just to make sure, you essentially want to elevate your process to Administrator rights only when actions that require said rights are performed?
If that's the case, it seems like it's not possible. See here.
One way of doing what you want is to use console arguments in your main assembly for each action you need to do. For example, for changing a system setting, you could Process.Start your main assembly with the argument " -change {...} ", and have that run under Administrator rights, while keeping your currently running process under the current user's privileges.
solution3
0 2011-01-12 19:48:12
I just found an article about "impersonation". At the moment I have not tested it but according to this article it should work that a method call can be executed under another user. Maybe this is of some help to someone.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.