SSPI and impersonation

SSPI and impersonation

Post by Kasparo » Mon, 13 Oct 2008 05:18:56



I have an application which uses SSPI for authentication. I could
authenticate users successfully and impersonate the users. (original
user A, impersonated user B)

Now when I do CreateThread after impersonating the user, the newly
created thread runs as the original user (as user A). I want the newly
created thread to run as the impersonated user (user B). I am not very
sure how should I populate the LPSECURITY_ATTRIBUTES in my case (I
guess thats the cause of this issue.)

Please see my code snippet below:

****
rc = (pf->ImpersonateSecurityContext)( &srvCtx );
...
threadRet = CreateThread( NULL,0, (LPTHREAD_START_ROUTINE)
Ganesh_Client_Impl, NULL, 0, NULL);
****


Second query I have is:
Is it possible for me to use the SSPI security context I have at the
server side to authenticate to another server. An SSPI client has
connected to server A and authenticated successfully. Now A has the
security context of the client. I want to use the SSPI context I have
on server A to authenticate again to server B. (A becomes SSPI client
and B becomes server, A uses the context it has to authenticate.)


Thanks in advance.

Ganesh Tambat
 
 
 

1. SSPI and impersonation

2. XP SP2, SSPI, Bad Impersonation level Error

Some time ago I wrote some code to allow a user to type an admin
password to allow my program to update HKLM. I used the sspi code
from MSDN. In the initializesecuritycontext I ask for
ISC_REQ_Delegation - the highest impersonation level. All the code
works and the process token is set to impersontate the admin account
with full rights to the key in HKLM I want to change.

Since installing XP SP2, the impersonation code works but when I go to
open the registery key I get error 1346 from regopenkeyex - bad
impersonation level. I dont get it - I asked for and got Delegation!
What has changed in XP SP2?

Jim Kane
ProDoc, Inc.

3. SSPI/NTLM impersonation level problem

4. No logon SID in access token coming from SSPI impersonation

5. Impersonation with SQL Server SSPI

6. Specify list items with unlimited ANDs and ORs?

7. Excel file expands ands locks Excel

8. Concatenating date field into text ands using in a formula

9. Multiple ifs, and ands, and are not working

10. Proper way to write a conditional statement with ands

11. multiple ifs & ands indirect/offset...need help desperately please

12. if & ands and either indirect or offset - need help fast please

13. sum products with ANDs

14. Stenciling and multiple buffer "ands"

15. Using embeded AND's in WHERE clause?