What is the correct way to do impersonation in a click-once deployed app?

Hot Topic

Hide the first Column
landscape vs. portrait in browser control
How do I Logical AND two strings
Wiew(get) result in text.Box from DataGridWiew
Strange behaving XMLHTTP
SetChildIndex
Accessing Controls on a splitter panel
Progress Bar Help!
ApplicationSettingsBase in C# and .NET 2.0
Remote SQL Server

Windows Forms

Easiest way to work with the KeyBoard??
multline listbox huge item text
different controls in a datagrid?
Multiple select is not working for datagridview
Prevent TextBox From Changing SelectionStart (Caret) With Mouse
Query/Databinding question
images resize...
Applying Visual Styles to form When Theme Service is not enabled.
Insttal problems
Binding Error(System.ArgumentException

What is the correct way to do impersonation in a click-once deployed app?

Hi there

Sorry for cross-posting this thread, but it has gone unanswered in the "MSDN Forums Windows Forms Windows Forms General" forum for a couple of weeks now, so I hope someone in here can answer it instead.

I would very much like to be able to run my vb.net winform apps in a different security context from that of the current user. And prior to click-once I simply did this by using the "run as" right-click option on a shortcut to my app.

Now with click-once deployment (which I really want to use) the application is located on a webserver and activated using an url to the site on the server where the app is hosted and thus the "run as" option is not available.

So how do I proceed

Do I do impersonation like it is described in this thread
Which does not seem very elegant to me, considering that you can do the same thing using on one line in the web.config of an asp.net application.
Doesn't the .NET 2.0 platform have a more neat way of doing impersonation .

Or can I somehow still use the "run as" method

Best regards Jakob

Answer this question

What is the correct way to do impersonation in a click-once deployed app?

  • Edgar J.

    You can think of doing it programatically like the sample explained. You present a dialog to the user if he likes to run with the log on credentials or with a differnt credentials. If the user likes to run with different credentials take them from user, create an impersonation context/ prinicipal and set it to the current thread. You can dig the actual implementation details from msdn. ClickOnce Apps even though deployed on the web, they are downloaded/cached locally and run locally. Except that you won't be running the exe directly but through ClickOnce. It is a running from web experience but not actually running in the context of IIS. It is after all a Client App running and runs with what ever the permission set it can get depending on what it asked, depending on what CLR and Windows can give. Now you can see why we do not need to config based security setting for ClickOnce apps. -Thanks Sreekanth
  • What is the correct way to do impersonation in a click-once deployed app?
Answer this question