When impersonating programmatically be sure to revert to original context

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

When using programmatic impersonation, revert to the original security context as soon as possible. If you do not revert, your application’s attack surface increases because it keeps running under higher privileges than necessary. Use the using statement to revert impersonation automatically.

The following code snippet shows how to impersonate programmatically:

// Requires: using System.ServiceModel; using System.Security.Principal;
public string GetData(int value)
{
    using (ServiceSecurityContext.Current.WindowsIdentity.Impersonate())
    {
        // return the impersonated user (original user's identity)
        return string.Format("Hi, {0}, you have entered: {1}",
            WindowsIdentity.GetCurrent().Name, value);
    }
}
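
The following added example (not part of the original guidance) writes out the try/finally form that the using statement stands for, keeps the impersonated scope to the single call that needs the caller's identity, and checks that the thread has reverted. The class name ReportService, the operation ReadReport and the file read are assumptions chosen for illustration.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Principal;
using System.ServiceModel;

public class ReportService // hypothetical service class
{
    // Hypothetical operation: only the file read needs the caller's identity.
    public string ReadReport(string path)
    {
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;

        // Refuse to continue when there is no Windows caller to impersonate.
        if (ctx == null || ctx.WindowsIdentity == null || ctx.WindowsIdentity.IsAnonymous)
            throw new SecurityException("No Windows caller identity to impersonate.");

        // Identity the thread runs under before impersonation starts.
        string originalIdentity = WindowsIdentity.GetCurrent().Name;
        string content;

        // Explicit equivalent of the using statement: revert in finally,
        // so an exception from the file read cannot leave the thread impersonated.
        WindowsImpersonationContext impersonation = ctx.WindowsIdentity.Impersonate();
        try
        {
            // Keep the impersonated region as small as possible.
            content = File.ReadAllText(path);
        }
        finally
        {
            impersonation.Undo();
        }

        // Everything from here on runs under the original security context again.
        if (WindowsIdentity.GetCurrent().Name != originalIdentity)
            throw new InvalidOperationException("Impersonation was not reverted.");

        return content.Trim();
    }
}
```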

Last edited Apr 24, 2008 at 12:08 AM by prashantbansode, version 2

