Tag: Security

Ad-Hoc or Bulk Testing of Windows Login Credentials

I’m doing a SharePoint deployment right now, I’ve planned out the service accounts I’m going to use, handed off those requirements to the IT department, who responded back that, yep, they’d been done. Call me paranoid but I’m thinking “did all those accounts get created with all the right passwords and user names”, I’m also … Continue reading Ad-Hoc or Bulk Testing of Windows Login Credentials

Sharepoint Single Sign-On, Impersonation and the Double-Hop Problem

How do you overcome the identity double hop problem? Windows credentials can only make one “hop” between machines on a network. The first hop is from the user’s browser to the web server; from here, to get to another machine on your network, a second hop is required. There are two ways to work around … Continue reading Sharepoint Single Sign-On, Impersonation and the Double-Hop Problem

.NET (C#) Impersonation with Network Credentials

I required a C# class to enable ad-hoc user account impersonation for accessing resources both on the local machine and also on network machines, which I’ve reproduced here. Of note, if you require impersonation in order to access network resources, you would intuitively select the logon type of LOGON32_LOGON_NETWORK, this however doesn’t work, as according to … Continue reading .NET (C#) Impersonation with Network Credentials

Sharepoint Identity Contexts

When writing pages or web parts for Sharepoint (or indeed just ASP.NET) their are 3 security identity contexts to take into account. 1. Process/Thread Identity This is the identity returned by calling WindowsIdentity.GetCurrent(). If ASP.NET impersonation is not enabled the identity returned will be the process identity (that of the IIS Application Pool). If ASP.NET impersonation … Continue reading Sharepoint Identity Contexts