Connect to a file server

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Connect to a file server

Message

15/06/2007 22:34:59

Ivan George Borges
Offisys Informatica
São Paulo, Brésil

15/06/2007 19:50:32

Hilmar Zonneveld
Independent Consultant
Cochabamba, Bolivie

Information générale

Forum:

Visual FoxPro

Catégorie:

Codage, syntaxe et commandes

Titre:

Re: Connect to a file server

Versions des environnements

Visual FoxPro:

VFP 9

OS:

Windows XP

Divers

Thread ID:

01233350

Message ID:

01233700

Vues:

>>Is it the case that you don't want the user to be able to see and access the mapped drive letter?
>>If so, you could "impersonate" it from within the application.
>>
>>Abraços.
>
>The "impersonation" stuff, I would have to learn it first - but first, I'll ask my client whether the solution proposed is acceptable.

Got it.

If you feel like it, I extracted this from the wikis:

-------------------------

>Problem: how to limit access to database files only to designated FoxPro application?
>
>Please follow this link:
>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>
>Thanks!

>Problem: how to limit access to database files only to designated FoxPro application?
>
>Please follow this link:
>http://fox.wikis.com/wc.dll?Wiki~RunAsAnotherUser
>
>Thanks!

We had done this for testing some time ago, and it worked pretty well AFAWK, but without using run as, just doing the impersonation directly from within foxpro code.

* If the table "Products" is in a protected folder, for example and the user "ProdAdmin" has rights to the folder, then:

if Impersonate("ProdAdmin", "ProdPassword")
   * I use a mapped drive just as an example, of course it is not needed or desireble
   USE X:\ProductFolder\Products
endif
* Do some process

EndImpersonate()


FUNCTION Impersonate(UserName As String, UserPassword As String) As Boolean
   LOCAL nToken, loNet
   Declare Integer LogonUser IN advapi32 ;
   	String lpszUsername, ;
   	String lpszDomain, ;
   	String lpszPassword, ;
   	Integer dwLogonType, ;
   	Integer dwLogonProvider, ;
   	Long @phToken

   Declare Integer ImpersonateLoggedOnUser IN WIN32API Long ptr   

   Declare RevertToSelf IN ADVAPI32

   nToken	= 0
   loNET		= CREATEOBJECT('wscript.Network')
   IF LogonUser(UserName, loNET.UserDomain, UserPassword, 2, 0, @nToken) > 0
      IF ImpersonateLoggedOnUser(nToken) > 0
         CLEAR DLLS
         loNet.MapNetworkDrive('X:', '\\skyapps\apps') && Map all network drives is necessary
         RETURN .t.
      ENDIF
   ENDIF
   CLEAR DLLS
   RETURN .F.
ENDFUNC

FUNCTION EndImpersonate() As Boolean
   Declare RevertToSelf IN ADVAPI32
   RevertToSelf()
   CLEAR DLLS
ENDFUNC

Now the code between Impersonate() and EndImpersonate() would have the rights of the user passed as parameter. Note that this can be dangerous, for example if you open explorer while impersonating (within the program, for the impersonation is just scoped to the vfp session), the user would have all rights of the impersonated user.

-------------------------------

Ivan

Répondre

Fil

Voir

Click here to load this message in the networking platform