Application domain level impersonation

I am developing an application that should load plug-ins into separate child application domains. Only one plug-in is loaded into each child application domain. Each plug-in requires a different Windows identity, and these identities are different from the Windows identity used in the default (parent) application domain. Each plug-in loads one or more of its child plug-ins.

E.g., the default application domain identity is Authority\Limited (Authority is either the domain name or the machine name). Two plug-ins are loaded into two child application domains. The identities of the loaded plug-ins are Authority\Privileged1 and Authority\Privileged2. Authority\Privileged1 and Authority\Privileged2 have all the necessary access to the databases Database1 and Database2, respectively, while Authority\Limited does not have access to either of the above databases.

When creating a child application domain, I call the System.AppDomain.SetThreadPrincipal method, passing in an instance of System.Security.Principal.WindowsPrincipal. The instance was created from an instance of System.Security.Principal.WindowsIdentity created from a duplicated user token (see http://support.microsoft.com/kb/306158 ). I omitted the call to the WindowsIdentity.Impersonate method, since I am in the default application domain when creating the instance of WindowsPrincipal.

I expected that setting the application domain's thread principal would be sufficient for the loaded plug-ins to successfully log in to their respective databases and execute some T-SQL statements. To my surprise, the value returned by the WindowsIdentity.GetCurrent() method is what is used when opening a database connection. The value returned by the method is either the process identity or the impersonated identity.

Since the process identity does not have the permissions required to work with the databases, this is not acceptable. Thus, impersonation has to come into play. However, impersonation should only occur in the child application domains. Each plug-in provides methods used to load and unload the plug-in. I understand that I must perform the impersonation at the beginning and undo the impersonation at the end of these methods. However, impersonation must be performed for all threads created in the child application domains. Since each plug-in loads one or more of its child plug-ins, and each plug-in can create one or more threads, impersonation has to be done in many places, and it looks very dirty.

Is it possible to impersonate only once so that it affects all threads that are created in the child application domains?

+7
1 answer

No, you cannot do this: impersonation is per thread, and the same thread can have code from several AppDomains in the call stack. This is especially true for plugin systems where the main code (from some main AppDomain) calls the plugin logic in a separate AppDomain.

Essentially, you have to impersonate before calling into the plugin and revert when you're done. Please note: if the plugin uses the thread pool for its own operations, then it will have to properly impersonate itself.

+3
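
The pattern the answer describes (impersonate before calling into the plug-in, revert when done), as an added example that is not part of the original answer. ImpersonatedPluginInvoker and its members are hypothetical names, and the WindowsIdentity is assumed to have been built from the duplicated user token as in the question.

```csharp
using System;
using System.Security.Principal;
using System.Threading;

// Hypothetical helper: scopes a plug-in's Windows identity to a single call
// on the current thread and guarantees the revert, so the privileged token
// never stays attached to a thread that returns to host code.
public sealed class ImpersonatedPluginInvoker
{
    private readonly WindowsIdentity _pluginIdentity;

    public ImpersonatedPluginInvoker(WindowsIdentity pluginIdentity)
    {
        if (pluginIdentity == null) throw new ArgumentNullException("pluginIdentity");
        _pluginIdentity = pluginIdentity;
    }

    // pluginCall may target a MarshalByRefObject proxy; the call then crosses
    // into the child AppDomain on this same, impersonating thread.
    public void Invoke(Action pluginCall)
    {
        string before = CurrentName();
        try
        {
            // Disposing the WindowsImpersonationContext undoes the impersonation.
            using (_pluginIdentity.Impersonate())
            {
                pluginCall();
            }
        }
        catch
        {
            // Catching outside the using block stops exception filters further
            // up the stack from running before the revert has happened.
            throw;
        }
        if (CurrentName() != before)
            throw new InvalidOperationException("Thread identity was not restored.");
    }

    // Work handed to the thread pool impersonates inside the work item itself.
    public void QueueWork(Action work)
    {
        ThreadPool.QueueUserWorkItem(delegate { Invoke(work); });
    }

    private static string CurrentName()
    {
        using (WindowsIdentity current = WindowsIdentity.GetCurrent()) { return current.Name; }
    }
}
```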