A week ago I was commissioned to do a communication project with a web service whose requests required a certificate. To obtain that certificate I was provided with a Windows user along with his password and a network path where that certificate was located. The certificate is on one server (server A) and the application does everything on another server (server B).
To authenticate myself as that user, I use the Impersonate functionality with the token returned by the LogonUser function of Advapi32.
Afterwards, my boss told me to use a WebClient object with a NetworkCredential to get the certificate. The access permissions of the network folder for this user are full access to that folder.
Reviewing the documentation for the WebClient OpenRead method, it talks about that method performing a RETR operation. From what I've seen, OpenRead makes a copy of the file from where it's stored to where it's being called. It would be like copying from Server A to Server B.
Because of a permissions issue, it returned an AccessDenied all the time.
My question is, is it safe to use Impersonate or WebClient? I have also seen that it is easy to sniff the requests of a WebClient.
Here is an example of the code I use for both cases:
A) WebClient
    // Requires: using System.Configuration; using System.IO; using System.Net;
    WebClient myWebClient = new WebClient ();
    myWebClient.Credentials = new NetworkCredential
        (ConfigurationManager.AppSettings [ "fileServerUser" ], pass,
        ConfigurationManager.AppSettings [ "fileServerDom" ] );
    // Open a stream to point to the data stream coming from the Web resource.
    using ( Stream myStream = myWebClient.OpenRead ( "path" ) )
    {
        // Buffer the whole file in memory.
        MemoryStream fileOnMemory = new MemoryStream ();
        using ( StreamReader reader = new StreamReader ( myStream ) )
        {
            myStream.CopyTo ( fileOnMemory );
            reader.Close ();
        }
    }
B) Impersonate
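    // Requires: using System; using System.Runtime.InteropServices; using System.Security.Principal;
    // Declaration (inside Utilities.Network.NetworkUtilities):
    [DllImport ( "advapi32.dll", CharSet = CharSet.Auto, SetLastError = true )]
    public static extern bool LogonUser (string lpszUsername, string lpszDomain,
        string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

    // Calling code:
    IntPtr token = IntPtr.Zero;
    if ( Utilities.Network.NetworkUtilities.LogonUser ( userName,
        Utils.Consts.DOMAIN, userPass, logonType, providerType, ref token ) )
    {
        // The token handle returned by LogonUser must be released with CloseHandle when no longer needed.
        using ( WindowsImpersonationContext person = new WindowsIdentity ( token ).Impersonate () )
        {
            //Do something
        }
    }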
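Approach B written out in full, as an added example that is not part of the original post: it reads the certificate file from the share under impersonation and closes the logon token afterwards. The class name `CertificateShareReader`, the method `ReadAs`, the UNC path in the comment and the choice of logon type 9 are assumptions, and it assumes .NET Framework 4.6 or later for `WindowsIdentity.RunImpersonated`.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

// Hypothetical helper class; not part of the original post.
public static class CertificateShareReader
{
    // Logon type 9: the new credentials are used only for outbound network
    // connections, which matches reading a file on server A from server B.
    private const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
    private const int LOGON32_PROVIDER_WINNT50 = 3;

    [DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    private static extern bool LogonUser(string lpszUsername, string lpszDomain,
        string lpszPassword, int dwLogonType, int dwLogonProvider,
        out SafeAccessTokenHandle phToken);

    // Reads the file at uncPath (a placeholder such as \\serverA\share\cert.pfx)
    // while impersonating the given account, and returns its raw bytes.
    public static byte[] ReadAs(string user, string domain, string password, string uncPath)
    {
        SafeAccessTokenHandle token;
        if (!LogonUser(user, domain, password, LOGON32_LOGON_NEW_CREDENTIALS,
                LOGON32_PROVIDER_WINNT50, out token))
        {
            // Surface the Win32 error code instead of continuing as the service account.
            throw new Win32Exception(Marshal.GetLastWin32Error());
        }

        // Disposing the SafeAccessTokenHandle closes the token handle,
        // so it is released even if the read throws.
        using (token)
        {
            byte[] data = null;
            // Impersonation applies only inside the delegate and is reverted on exit.
            WindowsIdentity.RunImpersonated(token, () =>
            {
                data = File.ReadAllBytes(uncPath);
            });
            return data;
        }
    }
}
```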