Impersonating a Client

As discussed at the beginning of this chapter, to access secured objects, servers typically impersonate a client. During the impersonation process, the server's impersonation token assumes the security characteristics of the client. This simplifies the security model because Windows 2000 simply uses the thread's impersonation token to perform access checks.

To begin impersonation, the server calls one of the following impersonation functions:

  • ImpersonateNamedPipeClient . Used when the client and server are connected via a named pipe

  • ImpersonateLoggedOnUser . Used when the client is the currently logged on user

After a server has finished accessing resources on behalf of the client, it stops impersonating the ...

Get Developing Secure Applications with Visual Basic now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.