Client-side application and impersonation

M

Martin

Can a browser-based cient-side application impersonate a domain user?

I am trying to host a client-side assembly in a browser. I need to
then impersonate a domain user account in the assembly to give me
access to network resources, and I'm not sure if I'm able to
impersonate a domain account on a client-side application. I've tried
using various samples for impersonation that use the LogonUser API
call in order to get a token, but this fails in my client app, due to
a security exception.

This is an Intranet environment, with the web server running XP. I
have tried running as a trusted site, but no difference.

Apologies in advance if this has gone to the wrong group.

Regards,
Martin
 
A

Alvin Bruney [ASP.NET MVP]

You are probably aware that this is no ordinary request, right? You can only
do this if your client can 'see' a domain account. Typically, your client
hosted in the browser has no direct access to the server so if the domain
account is on the server you won't be able to do this easily. If your code
running your client has access to a user context, you can extract the user
from the context and turn around and fire a active directory query but in
most cases the user context is null. The cheap way to see if your existing
code works is simply to turn cas policy off at the command prompt and see if
the application works. If it does, then you simply need to configure CAS
policy.

One way is to have an app or web service running on the server that can do
what you want. From your client, you just fire a web request to the server
to 'authenticate' the client.

--

Regards,
Alvin Bruney [MVP ASP.NET]

[Shameless Author plug]
The O.W.C. Black Book, 2nd Edition
Exclusively on www.lulu.com/owc $19.99
 
M

Martin

Hi Alvin,

Thanks for the reply on this - I was aware it was probably not
something I was going to be able to do with ease! I am probably being
a bit lazy, and was really hoping I could reuse the existing control
without much work.

It looks like I'll be doing as you say, and writing a web service.

Thanks again.

Martin
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Impersonation 6
Impersonation with SQL Server SSPI 3
Impersonation? 1
Impersonation with users of 2 domain (nor trusted) 0
Impersonation and Network Share 1
Authentication and impersonation 1
Issue with ASP.NET client, COM Interop, and Identity impersonation 12
Impersonation 4

Members online

No members online now.
Total: 53 (members: 0, guests: 53)
Robots: 414

Forum statistics

Threads
473,982
Messages
2,570,190
Members
46,740
Latest member
AdolphBig6

Latest Threads

Top