Friday, March 19, 2010

Trust

"Perceptions of trustworthiness often arise from the consistency between what you say and what you do."

- Shell and Moussa, The Art of Woo, p. 107

Wednesday, March 17, 2010

Online Paint

Ever wanted to draw something online?
  • Aviary.com: This one does a very nice job of giving you advanced editing features such as layers.  While you are there, also check out the music studio and the Firefox add-on, which lets you snap pictures of sections of web pages.  Well done.
  • Google Docs: You can now insert drawings right into your Google Doc.  Well done.  Strokes can overlap, yet each one is automatically placed in a layer of its own, so you can bring a stroke forward or send it back.
  • Digital drawing: it gives you the jpg preview online
  • Art Pad: Pretty cool, but they want your email address so they can email your picture to you.

Thursday, March 11, 2010

Automating Impersonation in C# Code

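Here's a quick way to impersonate another Windows account in code. An example usage is provided at the bottom. Note that the class calls unmanaged Win32 APIs, so it requests full trust.
Create a new class file in your App_Code folder and paste the following code there: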
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;



// Assembly-level code-access-security requests. They apply to the whole assembly this
// file is compiled into, not only to CustomImpersonation: the assembly asks for the
// right to call unmanaged code (needed for the P/Invoke declarations below) and for a
// FullTrust grant.
// NOTE(review): SecurityAction.RequestMinimum is marked obsolete from .NET Framework 4
// onward -- confirm the target framework before relying on these requests.
[assembly: SecurityPermissionAttribute(SecurityAction.RequestMinimum, UnmanagedCode = true)]
[assembly: PermissionSetAttribute(SecurityAction.RequestMinimum, Name = "FullTrust")]
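/// <summary>
/// Logs a Windows account on with <c>LogonUser</c> and impersonates it on the calling
/// thread until <see cref="Undo"/> is called.
/// </summary>
/// <remarks>
/// Security notes for callers:
/// the password is passed as a plain managed string, so it stays readable in process
/// memory until the garbage collector reclaims it; keep it out of source code and logs.
/// Every successful <see cref="Impersonate"/> must be paired with <see cref="Undo"/>
/// (normally in a <c>finally</c> block), otherwise the thread keeps running under the
/// impersonated identity and the logon token handle stays open.
/// </remarks>
public class CustomImpersonation
{

    #region Fields

    // Raw access token returned by LogonUser; owned by this instance until it is closed.
    private IntPtr tokenHandle = IntPtr.Zero;

    // Non-null only while an impersonation started by this instance is active.
    private WindowsImpersonationContext impersonationContext;

    #endregion

    #region Ctor
    public CustomImpersonation() : base() { }
    #endregion

    #region Extern Public Methods
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
        int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public extern static bool CloseHandle(IntPtr handle);
    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public extern static bool DuplicateToken(IntPtr ExistingTokenHandle,
        int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);
    #endregion

    #region Public Methods
    /// <summary>
    /// Pass user account you wish to impersonate.
    /// </summary>
    /// <param name="userName">Account name to log on.</param>
    /// <param name="password">Clear-text password of the account.</param>
    /// <param name="domainName">Domain (or machine name) that owns the account.</param>
    /// <exception cref="System.ComponentModel.Win32Exception">
    /// <c>LogonUser</c> failed; the exception carries the Win32 error code.
    /// </exception>
    [PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
    public void Impersonate(string userName, string password, string domainName)
    {
        const int LOGON32_PROVIDER_DEFAULT = 0;
        //This parameter causes LogonUser to create a primary token.
        const int LOGON32_LOGON_INTERACTIVE = 2;

        // Revert and release anything left over from an earlier call. Without this a
        // second Impersonate() would leak the first token handle, and a single Undo()
        // would only fall back to the first impersonated identity instead of the
        // thread's original one.
        Undo();

        // Call LogonUser to obtain a handle to an access token.
        IntPtr token = IntPtr.Zero;
        bool loggedOn = LogonUser(userName, domainName, password,
            LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token);
        if (!loggedOn)
        {
            // Read the error code immediately, before another call can overwrite it.
            throw new System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error());
        }

        this.tokenHandle = token;
        try
        {
            // Use the token handle returned by LogonUser.
            WindowsIdentity newId = new WindowsIdentity(this.tokenHandle);
            this.impersonationContext = newId.Impersonate();
        }
        catch
        {
            // Do not leave an open logon token behind when impersonation could not start.
            // Plain "throw;" keeps the original stack trace ("throw ex;" would reset it).
            ReleaseToken();
            throw;
        }
    }

    /// <summary>
    /// Stop impersonating the user.
    /// </summary>
    /// <remarks>
    /// Safe to call when no impersonation is active (for example from a <c>finally</c>
    /// block after <see cref="Impersonate"/> threw) and safe to call more than once.
    /// </remarks>
    [PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
    public void Undo()
    {
        try
        {
            if (this.impersonationContext != null)
            {
                this.impersonationContext.Undo();
                this.impersonationContext = null;
            }
        }
        finally
        {
            // Free the token even if reverting the thread identity failed.
            ReleaseToken();
        }
    }
    #endregion

    // Closes the logon token once and clears the field so it cannot be closed twice.
    private void ReleaseToken()
    {
        if (this.tokenHandle != IntPtr.Zero)
        {
            CloseHandle(this.tokenHandle);
            this.tokenHandle = IntPtr.Zero;
        }
    }
}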
Example:
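//create new instance
CustomImpersonation myImpersonation = new CustomImpersonation();

// Start impersonation *before* entering the try block: if the logon fails there is
// nothing to undo, and the Win32Exception reaches the caller untouched.
// The three literals are placeholders -- load real credentials from a protected
// store (e.g. encrypted configuration) instead of hard-coding them in source.
myImpersonation.Impersonate("username","password","domain");
try
{
    //put the code you want to run while impersonating the user account here
}
finally
{
    // Always revert to the original identity, even when the impersonated code throws.
    // No catch block is needed: exceptions propagate with their stack trace intact
    // (the previous "throw ex;" reset it).
    myImpersonation.Undo();
}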

How to Write to the Event Log using C#

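 /// <summary>
    ///  Logs a message to the eventlog and returns true if successful.
    /// </summary>
    /// <param name="source">Event source to write under; it is registered first if it does not exist yet.</param>
    /// <param name="logName">Log the source is registered in when it has to be created.</param>
    /// <param name="message">Text of the entry.</param>
    /// <param name="eventType">Severity of the entry.</param>
    /// <param name="eventId">Application-defined event identifier.</param>
    /// <returns>
    /// <c>true</c> when the entry was written; <c>false</c> when anything failed. Failures
    /// are only reported through <c>Debug.Print</c>, so check the return value.
    /// </returns>
    /// <remarks>
    /// The source lookup, the source registration and the write all run under the identity
    /// of the user making the current web request.
    /// NOTE(review): registering an event source normally needs elevated rights, so this
    /// only works when the requesting user has them -- consider registering the source once
    /// at install time instead of granting that right to web users.
    /// </remarks>
    public static bool LogMessageToEventLog(string source, string logName, string message, EventLogEntryType eventType, int eventId)
    {
        //need to impersonate user in order to gain access to the EventLog.SourceExists method
        System.Security.Principal.WindowsImpersonationContext impersonationContext = null;
        try
        {
            //impersonate the current windows user -- assumes your application is using windows authentication
            //(with any other authentication mode the cast throws and the method returns false)
            impersonationContext = ((System.Security.Principal.WindowsIdentity)HttpContext.Current.User.Identity).Impersonate();

            //First we need to make sure that this source doesnt exist yet
            if (!EventLog.SourceExists(source))
            {
                //Create our source by providing the source and the name of the
                //new log name
                EventLog.CreateEventSource(source, logName);

                //Due to latency we want to wait a bit for the source and
                //log to be created. So we will sleep for 3 seconds
                System.Threading.Thread.Sleep(3000);
            }

            //EventLog is disposable; the using block releases it even when WriteEntry throws
            using (EventLog log = new EventLog())
            {
                //Set the source we're writing to
                log.Source = source;

                //Now write an entry
                log.WriteEntry(message, eventType, eventId);
            }

            Debug.Print(message);
            return true;
        }
        catch (Exception ex)
        {
            //Deliberate best-effort: logging must never take the page down
            Debug.Print(ex.Message);
            return false;
        }
        finally
        {
            //Always revert to the application's own identity before returning
            if (impersonationContext != null) impersonationContext.Undo();
        }
    }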