Giampaolo Rodola' wrote:
> Roger Upole wrote:
>> I think you're looking for win32security.ImpersonateAnonymousToken.
>> Note that Anonymous is not the same thing as the Guest account.
>
> By reading MSDN it seems it should be used with threads (while I'm in
> an asynchronous environment) and I'm not even sure that's what I need.
> Could you provide an example code?
Well you've still *got* a thread, even if you're not spawning
any more to handle multithreading. Hopefully the code below
illustrates what's going on. Obviously you'll have to to adapt
to your circumstances.
TJG
<code>
import win32api
import win32security
import ntsecuritycon
ANONYMOUS_SID = win32security.CreateWellKnownSid (
win32security.WinAnonymousSid
)
if __name__ == '__main__':
flags = ntsecuritycon.MAXIMUM_ALLOWED
#
# At the start, this thread probably doesn't have
# its own token (unless it's impersonating already)
#
try:
hToken = win32security.OpenThreadToken (
win32api.GetCurrentThread (), flags, True
)
except win32security.error, (errno, errcontext, errmsg):
if errno == 1008:
hToken = win32security.OpenProcessToken (
win32api.GetCurrentProcess (), flags
)
else:
raise
#
# Just for show, indicate who owns the token before impersonation
#
sid, attr = win32security.GetTokenInformation (
hToken,
win32security.TokenUser
)
print "BEFORE: Token is for", sid
#
# Impersonate the anonymous user and show that the
# resulting token owner is the anonymous sid
#
win32security.ImpersonateAnonymousToken (win32api.GetCurrentThread ())
hToken = win32security.OpenThreadToken (
win32api.GetCurrentThread (), flags, True
)
sid, attr = win32security.GetTokenInformation (
hToken, win32security.TokenUser
)
if sid == ANONYMOUS_SID:
print "AFTER: Token is now Anonymous:", sid
else:
print "AFTER: Token is", sid
</code>
_______________________________________________
python-win32 mailing list
python-win32@python.org
http://mail.python.org/mailman/listinfo/python-win32
