Click here to Skip to main content
15,905,563 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
See more:
Hi Guys,

I have WinForms application that points to an file server. All users are granted ADD/DELETE/MODIFY permission to the file server.The application controls access to the documents. But the problem with this approach is that if users know about the file server path they could just access the path and delete the files. So i thought instead of providing all users ADD/DELETE/MODIFY access we can restrict their access to only read and then create a common user who would have DELETE access and use this credential to access the resource on file share.

Any thought of how it can be achieved ? Impersonation ?

CHill60 9-Oct-13 12:25pm    
Sergey Alexandrovich Kryukov 9-Oct-13 14:52pm    
Do you mean the Verb="runas"? It would request for privileges elevation for a new process, which is a different thing. Probably OP is right, what he need is impersonation; please see the referenced article in my answer.
MohamedHassanAli 10-Oct-13 5:07am    
Yes. Most of the users would not have Administrative permission and I believe runas would not work.
Sergey Alexandrovich Kryukov 10-Oct-13 12:47pm    
Well, as I recently tested, "runas" does work perfectly, but it does something different which you may not need. It requires administrative privileges of the account and only performs elevation to actually put them into effect. This is just a kind of protection against accidental access to resources by an over-privileged user, but in certain cases you really need to pass through elevation without having its request in the application manifest, which is another option. With impersonation, the different user account can be used...

1 solution

Yes. Please see this CodeProject article: Windows Impersonation using C#[^].

Share this answer
MohamedHassanAli 10-Oct-13 5:06am    
Yes. I tried out impersonation. After impersonation when i open the file in the network i get Access is denied error message, i use Process.Start() to open file.The impersonation works fine no issues in that logic.
Sergey Alexandrovich Kryukov 10-Oct-13 12:43pm    
Sounds great. Will you accept the answer formally then (green "Accept" button)?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900