Reputation: 1256
How can I tell when a managed thread has changed user contexts using impersonation?
Is there a way to find out when a managed thread has changed user contexts due to impersonation? I'd like to be able to do this from unmanaged code that is observing the managed code using Microsoft's .NET Profiling APIs.
For example some managed code may be running in user context A, and then impersonate user B. The impersonation may happen due to web.config or dynamically at runtime because the managed code is using APIs to manually impersonate user B.
How can I catch the switch from user A to user B from my unmanaged thread?
Upvotes: 0
Views: 425
Answers (2)
Reputation: 7879
You may check Thread.CurrentPrincipal property. It returns WindowsPrincipal basing on OpenThreadToken call.
Upvotes: 0
Reputation: 16142
You can't do this reliably because as far as I know there's no notification when the thread token changes.
What you CAN do is to call OpenThreadToken on the target thread. When the API succeeds (returning a token) the thread is impersonating someone. That might be sufficient.
Upvotes: 3
Related Questions
- Why does a thread need to impersonate itself?
- Why do Thread.CurrentPrincipal.Identity and WindowsIdentity.GetCurrent() differ when impersonation is turned on?
- Using ManagementObject or GetProcesses getting and impersonating a context
- Impersonate a thread with user's filtered token
- WindowsIdentity.Impersonate() confusion
- How to determine a thread impersonation level
- Win32 User Impersonation Curiosity
- Multilevel usage of thread impersonation
- How to tell if current thread is impersonating?
- Passing impersonation token on a Managed Thread to an Unmanaged Thread