The crux of my problem is that I want to impersonate a user’s NTLM credentials in the context of a SharePoint custom security trimmer to execute HttpWebRequests to check user access to URLs.
When accessing WindowsIdentity.GetCurrent() in the security trimmer, the System.Security.Principal.WindowsIdentity object returns the identity of the application pool running the search query service, NOT the currently logged-in user.
When accessing System.Threading.Thread.CurrentPrincipal.Identity in the security trimmer, the Microsoft.IdentityModel.Claims.ClaimsIdentity object of the current logged-in user is returned. However, there is a catch.
If I execute the following code in a .NET web application, the cast of the ClaimsIdentity to a WindowsIdentity succeeds because the identity has the authentication type of NTLM.
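
    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); // url: the address being checked (assumed; not shown in the post)
    WindowsIdentity winId = (WindowsIdentity)System.Threading.Thread.CurrentPrincipal.Identity;
    // Dispose() reverts the impersonation when the using block exits
    using (WindowsImpersonationContext wic = winId.Impersonate())
    {
        request.Credentials = CredentialCache.DefaultCredentials;
        // access means a response comes back when a request is made to the url
        using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            returnStatus = true;
    }
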
However, when I execute the same code in the context of the SharePoint security trimmer (the search query service li