Client Impersonation

Impersonation is the ability of a thread to execute in a security context different from that of the process that owns the thread. Typically, a thread in a server application impersonates a client. This allows the server thread to act on behalf of that client to access objects or validate access to its own objects.

The Microsoft® Win32® API provides the following functions a thread can use to begin an impersonation:

• A DDE server application can call the DdeImpersonateClient function to impersonate a client.
• A named-pipe server can call the ImpersonateNamedPipeClient function.
• You can call the ImpersonateLoggedOnUser function to impersonate the security context of a logged-on user's access token.
• The ImpersonateSelf function enables a thread to generate a copy of its own access token. This is useful when an application needs to change the security context of a single thread. For example, sometimes only one thread of a process needs to enable a privilege.
• You can call the SetThreadToken function to cause the target thread to run in the security context of a specified impersonation token.
• A Microsoft Remote Procedure Call (RPC) server application can call the RpcImpersonateClient function to impersonate a client.
• A security package or application server can call ImpersonateSecurityContext to impersonate a client.

For most of these impersonations, the impersonating thread can revert to its own security context by calling the RevertToSelf function. The exception is the RPC impersonation in which the RPC server application calls RpcRevertToSelf or RpcRevertToSelfEx to revert to its own security context.