Impersonation


Impersonation is the ability of a thread to execute in a security context different from that of the process owning the thread. Typically, a thread in a server application impersonates a client before performing work on behalf of the client, thus allowing the server thread to act on behalf of that client to access objects or validate access to its own objects.

You might choose to have a server impersonate a client when connecting to a database so that the database can authenticate and authorize the client. Or your application can impersonate the client before accessing files that are protected with an ACL so as to ensure that the client can obtain only authorized access to information in these files. This process is shown in Figure 3-11.

First, a process starts up under a security context. This is either the context of the user who launched it or, if the process is a service (similar to a UNIX daemon), the context of a service account that is defined and controlled by the Service Control Manager.

The application's security context is the security token associated with the process. Any threads that start inside the process automatically inherit the parent process's token. This is shown in the left column of the diagram where a pool of threads is waiting for client connections.

In the middle column of the diagram, a client connects and attempts to use a secured resource. To perform this action, a thread is removed from the pool, calls a Win32 API to impersonate the client, and then performs the required tasks. Impersonating is literally the act of swapping tokens on the thread. If the calling user is not allowed access to a resource, an access denied error occurs.

Finally, the client drops the connection because the work is completed, and the thread reverts to the token of the parent process.

NOTE
If a remote application or service impersonates a client, it can access only resources local to the service on behalf of the client. Attempts to access resources on remote computers while impersonating the client will usually fail. See the next section, "Delegation," for further details.
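The thread-pool flow described above (wait for a client, impersonate it, do the work under the client's token, revert to the process token) is shown in the following added example of a named-pipe server in C#; it is not code from the book. The .NET call NamedPipeServerStream.RunAsClient wraps the Win32 ImpersonateNamedPipeClient/RevertToSelf pair, and the pipe name and protected file path are assumptions chosen for the example.

```csharp
using System;
using System.IO;
using System.IO.Pipes;
using System.Security.Principal;
using System.Threading;

// Constructed example: a named-pipe server whose worker threads impersonate
// each connecting client before reading an ACL-protected file.
static class ImpersonatingPipeServer
{
    // Assumptions for the example, not values from the book.
    const string PipeName = "example-impersonation-pipe";
    // Must be a LOCAL path: under plain impersonation (no delegation) access to
    // resources on another computer will usually fail, as the NOTE above explains.
    const string ProtectedFile = @"C:\ExampleData\report.txt";

    static void Main()
    {
        // The process token: every thread starts out with this identity.
        Console.WriteLine($"Process token: {WindowsIdentity.GetCurrent().Name}");

        // A minimal "pool": two threads, each waiting for one client connection.
        var workers = new Thread[2];
        for (int i = 0; i < workers.Length; i++)
        {
            workers[i] = new Thread(ServeOneClient);
            workers[i].Start();
        }
        foreach (var w in workers) w.Join();
    }

    static void ServeOneClient()
    {
        using var pipe = new NamedPipeServerStream(
            PipeName, PipeDirection.InOut,
            NamedPipeServerStream.MaxAllowedServerInstances);
        pipe.WaitForConnection();
        using var writer = new StreamWriter(pipe) { AutoFlush = true };

        string result;
        try
        {
            string body = null;
            // RunAsClient swaps the client's token onto this thread for the
            // duration of the delegate and reverts to the process token
            // afterwards, even if the delegate throws.
            pipe.RunAsClient(() =>
            {
                Console.WriteLine($"Impersonating: {WindowsIdentity.GetCurrent().Name}");
                // The ACL on ProtectedFile is evaluated against the CLIENT's
                // token here, so a client without read rights is denied even
                // though the service account itself may have access.
                body = File.ReadAllText(ProtectedFile);
            });
            result = body;
        }
        catch (UnauthorizedAccessException)
        {
            // The "access denied" outcome from the text: do not retry under
            // the process token, which would defeat the purpose of impersonating.
            result = "ACCESS DENIED";
        }
        catch (IOException ex)
        {
            // Impersonation itself could not be performed (for example the
            // client connected with a token level that cannot be impersonated).
            result = $"IMPERSONATION FAILED: {ex.Message}";
        }

        // Confirms the revert: this should print the process identity again.
        Console.WriteLine($"Reverted to: {WindowsIdentity.GetCurrent().Name}");
        writer.WriteLine(result);
    }
}
```

Run the server under a service or low-privilege account and connect with a client that does, and one that does not, hold read rights on the file: the first sees the file contents, the second sees ACCESS DENIED, and in both cases the identity printed after the call is the process identity, which is the check that the thread has actually reverted before it is returned to the pool.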


Figure 3-11. The impersonation process.



Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Year: 1999
Pages: 138
