Impersonation - Is this possible?

[Stevie]

I am trying to design a windows forms application (not asp.net) in C#, and need to know if the following scenario is possible :

Once my application is running I need to be able to impersonate another user account which will have access to a network drive that the current user account does not have access to. Is it possible to impersonate the required user account and map to the drive in code, enabling the current user to view the required files?

I need to do this so that users can only view/alter files from my application. All the files will only be accessible via a user account (which only the admin will know), thus stopping tampering with the files except via the application.

Can anybody can tell me if this is possible, and if it is possible some example code would be much appreciated.

[wossname]

Short answer: No








Long answer: Nooooooooooooooo

[Pirate]

Did yo search the MSDN Help . I found the example "Allows code to impersonate a different Windows user " , it could be what you're looking for .

[hellswraith]

You are doing somthing wrong if you need to impersonate someone in your application. First of all, you will need to store the identity information in your application. This is just wrong for all kinds of reasons.

Think about creating a web service or something that controls access to the resource if it is precious enough to not let users access normally. Then, users can still access the web service directly, but they can only do what the web service normally does for your application.

The other way, if they get access to the user name/password combo, they get to elevate their privilage and do other things that weren't intended.