Impersonating a Client

As discussed at the beginning of this chapter, to access secured objects, servers typically impersonate a client. During the impersonation process, the server's impersonation token assumes the security characteristics of the client. This simplifies the security model because Windows 2000 simply uses the thread's impersonation token to perform access checks.

To begin impersonation, the server calls one of the following impersonation functions:

  • ImpersonateNamedPipeClient. Used when the client and server are connected via a named pipe

  • ImpersonateLoggedOnUser. Used when the client is the currently logged-on user

After a server has finished accessing resources on behalf of the client, it stops impersonating the client by calling the RevertToSelf function.
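The named-pipe variant of this sequence, as an added example that is not part of the book's own listings: a minimal Visual Basic 6 server creates one pipe instance, waits for a client, reads the client's first message, impersonates the client with ImpersonateNamedPipeClient, confirms that the thread now carries an impersonation token (OpenThreadToken succeeds only while impersonating), and then calls RevertToSelf. The pipe name, the buffer size and the ServeOneClient name are assumptions for the example; the Win32 declarations are the standard kernel32/advapi32 entry points. Note that ImpersonateNamedPipeClient fails with ERROR_CANNOT_IMPERSONATE unless the server has already read data from the client, and that when impersonation fails the server must not touch the requested resource, because it would do so with its own, more privileged token.

```vb
Option Explicit

' Added example: impersonate a named-pipe client for one request, fail closed
' if impersonation does not succeed, and always revert. The pipe name and the
' 512-byte message buffer are constructed values for the example.

Private Declare Function CreateNamedPipe Lib "kernel32" Alias "CreateNamedPipeA" ( _
    ByVal lpName As String, ByVal dwOpenMode As Long, ByVal dwPipeMode As Long, _
    ByVal nMaxInstances As Long, ByVal nOutBufferSize As Long, _
    ByVal nInBufferSize As Long, ByVal nDefaultTimeOut As Long, _
    ByVal lpSecurityAttributes As Long) As Long
Private Declare Function ConnectNamedPipe Lib "kernel32" ( _
    ByVal hNamedPipe As Long, ByVal lpOverlapped As Long) As Long
Private Declare Function DisconnectNamedPipe Lib "kernel32" ( _
    ByVal hNamedPipe As Long) As Long
Private Declare Function ReadFile Lib "kernel32" ( _
    ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, _
    lpNumberOfBytesRead As Long, ByVal lpOverlapped As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetCurrentThread Lib "kernel32" () As Long
Private Declare Function ImpersonateNamedPipeClient Lib "advapi32.dll" ( _
    ByVal hNamedPipe As Long) As Long
Private Declare Function RevertToSelf Lib "advapi32.dll" () As Long
Private Declare Function OpenThreadToken Lib "advapi32.dll" ( _
    ByVal ThreadHandle As Long, ByVal DesiredAccess As Long, _
    ByVal OpenAsSelf As Long, TokenHandle As Long) As Long

Private Const PIPE_ACCESS_DUPLEX As Long = &H3
Private Const PIPE_TYPE_MESSAGE As Long = &H4
Private Const PIPE_READMODE_MESSAGE As Long = &H2
Private Const PIPE_WAIT As Long = &H0
Private Const INVALID_HANDLE_VALUE As Long = -1
Private Const TOKEN_QUERY As Long = &H8
Private Const ERROR_PIPE_CONNECTED As Long = 535
Private Const ERROR_CANNOT_IMPERSONATE As Long = 1368

' True only while the calling thread has an impersonation token attached.
' OpenAsSelf = 1 so the check itself runs with the process token, not the
' (possibly restricted) client token.
Private Function IsThreadImpersonating() As Boolean
    Dim hToken As Long
    If OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, 1, hToken) <> 0 Then
        CloseHandle hToken
        IsThreadImpersonating = True
    Else
        IsThreadImpersonating = False   ' Err.LastDllError is ERROR_NO_TOKEN here
    End If
End Function

' Serves a single client connection on szPipeName, e.g. "\\.\pipe\ExamplePipe"
' (constructed name). Returns True only if the request ran as the client.
Public Function ServeOneClient(szPipeName As String) As Boolean
    Dim hPipe As Long
    Dim cbRead As Long
    Dim buf(0 To 511) As Byte

    ServeOneClient = False
    hPipe = CreateNamedPipe(szPipeName, PIPE_ACCESS_DUPLEX, _
        PIPE_TYPE_MESSAGE Or PIPE_READMODE_MESSAGE Or PIPE_WAIT, _
        1, 512, 512, 0, 0)
    If hPipe = INVALID_HANDLE_VALUE Then Exit Function

    '--- Block until a client connects (535 means it connected before we asked)
    If ConnectNamedPipe(hPipe, 0) = 0 Then
        If Err.LastDllError <> ERROR_PIPE_CONNECTED Then GoTo CleanUp
    End If

    '--- Read the client's first message before impersonating; without it
    '--- ImpersonateNamedPipeClient fails with ERROR_CANNOT_IMPERSONATE (1368)
    If ReadFile(hPipe, buf(0), 512, cbRead, 0) = 0 Then GoTo CleanUp

    '--- Fail closed: on failure the thread still holds the server's token,
    '--- so do not service the request at all
    If ImpersonateNamedPipeClient(hPipe) = 0 Then
        Debug.Print "Impersonation failed, error " & Err.LastDllError
        GoTo CleanUp
    End If

    '--- Defensive check that the impersonation token is really on the thread
    If Not IsThreadImpersonating() Then GoTo Revert

    '--- Open files or registry keys here: every access check now uses the
    '--- client's token rather than the server's
    ServeOneClient = True

Revert:
    '--- If RevertToSelf fails the thread keeps running as the client;
    '--- report it rather than continuing as if the server's token were back
    If RevertToSelf() = 0 Then
        Debug.Print "RevertToSelf failed, error " & Err.LastDllError
        ServeOneClient = False
    End If

CleanUp:
    DisconnectNamedPipe hPipe
    CloseHandle hPipe
End Function
```

The OpenThreadToken check is what makes the "thread's impersonation token" model visible in practice: before ImpersonateNamedPipeClient and after RevertToSelf it fails with ERROR_NO_TOKEN (1008), and in between it succeeds. Err.LastDllError is used instead of a GetLastError declaration because the VB runtime can overwrite the Win32 last-error value between calls.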

Public Declare Function ImpersonateNamedPipeClient Lib "advapi32.dll" ( _
    ByVal hNamedPipe As Long) As Long

Public Declare Function ImpersonateLoggedOnUser Lib "advapi32.dll" ( _
    ByVal hToken As Long) As Long

Public Declare Function RevertToSelf Lib "advapi32.dll" () As Long

As an example of how a server process uses impersonation to run under the client's security context, the example in the next chapter takes you through the process of logging a user on and then impersonating that user. It uses the TestFileForAccess function in Listing 10.12. In the TestFileForAccess function, the server impersonates the logged-on user and attempts to open the file whose name is passed as a parameter.

Code Listing 10.12. A Function That Impersonates a Client Before Attempting File Access
Private Declare Function ImpersonateLoggedOnUser Lib "advapi32.dll" ( _
    ByVal hToken As Long) As Long

Private Declare Function RevertToSelf Lib "advapi32.dll" () As Long

Public Function TestFileForAccess(hUser As Long, _
         szFileName As String) As Boolean
'*************************************************************
'* Written By: Mickey Williams/Davis Chapman
'* Date:       January 29, 2000
'*
'* Syntax:     TestFileForAccess(hUser, szFileName)
'*
'* Parameters: hUser As Long
'*             szFileName As String
'*
'* Purpose: Impersonate the logged in user and try to open the
'*          specified file to see if the user has access to the
'*          file.
'*************************************************************
    Dim hFile As Long
    Dim bAllowed As Boolean

    On Error GoTo TestFileForAccess_Err
    '--- Initialize the return value
    bAllowed = False

    '--- Impersonate the client. If this fails the thread still holds the
    '--- server's own token, so the file must not be opened at all
    If ImpersonateLoggedOnUser(hUser) = 0 Then
        TestFileForAccess = False
        Exit Function
    End If

    '--- Open file for reading and writing (a failed Open raises an error
    '--- and jumps to TestFileForAccess_Err with bAllowed still False)
    hFile = FreeFile
    Open szFileName For Random Access Read Write As hFile
    '--- Able to open the file, change the return value
    bAllowed = True
    '--- Close the file
    Close hFile

TestFileForAccess_Err:
    '--- Revert to primary access token on both the success and error paths
    RevertToSelf
    TestFileForAccess = bAllowed
End Function

In Listing 10.12, the TestFileForAccess function begins by impersonating the client that is logged in. Next, the function attempts to open the file using the filename passed as a parameter. The file is accessed using the client's access token rather than the server's. Before returning, the function calls RevertToSelf to start using the server's access token rather than the impersonation token.
