Archive for 'Blog'


How to Programmatically Impersonate Users in SharePoint

Posted on April 9, 2009 by donabel

Sometimes when creating SharePoint web or console applications, you may need to execute specific code blocks in another user’s context.

Impersonating users in SharePoint will require a couple of things:

  • the account that the web or console app uses has privileges to impersonate other users (typically this would be the system account)
  • specific users’ user tokens


Step 1: Log in as the system account, or get a handle to the system account in your code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

string siteStr = "http://mysharepointsite/";
 
//we just need to get a handle to the site for us
//to get the system account user token
SPSite tempSite = new SPSite(siteStr);
 
SPUserToken systoken = tempSite.SystemAccount.UserToken;
 
using (SPSite site = new SPSite(siteStr, systoken))
{
   using (SPWeb web = site.OpenWeb())
   {
       //right now, logged in as Site System Account
       Console.WriteLine("Currently logged in as: " +
                        web.CurrentUser.ToString());
 
       //add your code here
   }
}

Step 2: Before you impersonate, get the user token of the user you are switching to. For example:

1
2
3
4
5
6
7
8
9
10
11

//get this current user's user token
SPUserToken userToken = web.AllUsers[user].UserToken;
 
//create an SPSite object in the context of this user
SPSite s = new SPSite(siteStr, userToken);
 
SPWeb w = s.OpenWeb();
Console.WriteLine("Currently logged in as: " +
                  w.CurrentUser.ToString() +
                  "(" + w.CurrentUser.Name + ")"
                 );

Complete code follows:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

private static void impersonateTest()
{
   string siteStr = "http://mysharepointsite/";
   SPSite tempSite = new SPSite(siteStr);
   SPUserToken systoken = tempSite.SystemAccount.UserToken;
   using (SPSite site = new SPSite(siteStr, systoken))
   {
       using (SPWeb web = site.OpenWeb())
       {
           //right now, logged in as Site System Account
           Console.WriteLine("Currently logged in as: " +
                              web.CurrentUser.ToString());
           switchUser(web, siteStr, "BlackNinjaSoftware/MatthewCarriere");
           switchUser(web, siteStr, "BlackNinjaSoftware/ShereenQumsieh");
           switchUser(web, siteStr, "BlackNinjaSoftware/DonabelSantos");
       }
   }
}
 
private static void switchUser(SPWeb web, string siteStr, string user)
{
   //impersonate somebody else
   SPUserToken userToken = web.AllUsers[user].UserToken;
   SPSite s = new SPSite(siteStr, userToken);
   SPWeb w = s.OpenWeb();
   Console.WriteLine("Currently logged in as: " +
                     w.CurrentUser.ToString() +
                     "(" + w.CurrentUser.Name + ")"
                    );
}

Tags:

Comments are closed.

Archives

Upcoming Training Events


We also have courses on Ruby on Rails and SharePoint 2007 Application Development!

Check our training page for schedule, content and rates!

We are experts

Black Ninja Software was created with the idea that great software comes from great people. We are passionate about the technologies we use and continually refine our skills to better master what we do. This is what makes us Ninjas. We architect, design, and implement solutions using Microsoft Office SharePoint Server, SQL Server, and ASP.NET

We create software

If you have a business process that needs refining or automation, or you have a current project in distress that needs rescuing, we can help. Our wealth of experience will create your great idea from scratch if that's what you need ninjas to do for you. In addition to the work we do for our clients, we also have several of our own projects that are currently being developed. We use the same tools and the same skills on our projects as we do on yours.