stackoom
  简体   繁体   中英

Impersonation MFC C++

 原文  2008-10-17 10:07:44       c++/ windows/ mfc/ impersonation

Question

I want to impersonate other user in Windows. For example: I create a directory with permission only for user A and for the administrators, when logon with user B and run .exe I want to impersonate user A to have permission to edit/remove/insert in that specific directory.

I found this: http://msdn.microsoft.com/en-us/library/aa374731(VS.85).aspx

2 answers

solution1
 4  2008-10-17 10:15:19

As a start, check out this article on windows user impersonation:

http://www.codeproject.com/KB/system/UserImpersonation.aspx

It should give you a place to start. If you need more controll you will need to look into Access Tokens.

solution2
 0  2008-10-17 11:34:26

If you want access to the folders of User A and the folders of User B, then you just need to setup folder permissions in such a way that administrators have permissions to get into all the folders. Normally machine administrators already have those rights. I am assuming here that are talking about normal windows user accounts, and normal machine/domain administrator accounts.

If you want to become User A its means you need User A's active permission to become that person. Impersonation is not simple (from what I have tried), you need to request access through your domain controller and negotiate that you are User B and that you have the rights to impersonate User A, generally that is done by User A and User B sharing and negotiating Credential Handles and Security Contexts. I doubt this is the type of process you're looking to follow.

Some useful functions would include:

To setup the context these are used and data is passed backwards and forwards between User A and User B to negotiate the impersonation 

AcquireCredentialsHandle()
InitializeSecurityContext()
AcceptSecurityContext()
CompleteAuthToken()

Once the negotiations are complete and a security context has been created, these are used to start and stop the impersonation. 

ImpersonateSecurityContext()
RevertContext()

I don't know of any other way to impersonate a user without the active participation of the user in question, or actively logging on as that user.

Hope this helps in some way.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Impersonation in visual c++ MFC serialize C++ MFC C++ Screenshot C++ MFC Serialization MFC programming in c++ C++ MFC build error but component is NOT MFC Alternatives to LogonUser for network impersonation (C++) Find Indexof in MFC C++ open dialog in MFC C++ MFC C++ lookup on CMAP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM