Ask a Question related to ASP.NET Security, Design and Development.
-
Ed #1
Why DuplicateToken
Anybody know the reason the call to DuplicateToken is
needed in the Impersonation sample found at:
[url]http://msdn.microsoft.com/library/default.asp?[/url]
url=/library/en-
us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityCl
assImpersonateTopic.asp
Since the underlying Win32 ImpersonateLoggedOnUser can
take the handle directly from the LogonUser. Why Duplicate
it?
----- Ed
Ed Guest
-
Lior Amar #2 Re: Why DuplicateToken
Hmm...good question. The only time you would need to call DuplicateToken
after a LogonUser is if the returned Token is not a Primary token. The only
tokens that can be impersonated are primary tokens. I would bet that
removing the DuplicateToken and using the token acquired with LogonUser
would still work.
Lior,
"Ed" <nowhere@nospam.com> wrote in message
news:192901c37941$835d22a0$a501280a@phx.gbl...> Anybody know the reason the call to DuplicateToken is
> needed in the Impersonation sample found at:
> [url]http://msdn.microsoft.com/library/default.asp?[/url]
> url=/library/en-
> us/cpref/html/frlrfSystemSecurityPrincipalWindowsIdentityCl
> assImpersonateTopic.asp
>
> Since the underlying Win32 ImpersonateLoggedOnUser can
> take the handle directly from the LogonUser. Why Duplicate
> it?
>
> ----- Ed
>
Lior Amar Guest
Reply With Quote
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
