HSE_REQ_GET_IMPERSONATION_TOKEN

This support function allows you to retrieve a handle to the impersonation token that the request is using. An impersonation token represents a user context.

BOOL ServerSupportFunction(

  HCONN ConnID,  

  DWORD HSE_REQ_GET_IMPERSONATION_TOKEN, 

  LPVOID lpvBuffer,  

  LPDWORD lpdwSize,  

  LPDWORD lpdwDataType

);

 

Parameters
ConnID
Specifies the connection identifier of the client to which the response data should be sent.
lpvBuffer
Points to the HANDLE structure IIS will use to report the impersonation token handle.
lpdwSizeofBuffer
Unused in this ServerSupportFunction request type.
lpdwDataType
Unused in this ServerSupportFunction request type.
Remarks

When your ISAPI extension attempts to access a resource, such as files or registry keys, the thread should be set to impersonate the user by using either the ImpersonateLoggedOnUser or SetThreadToken Win32® API function. The handle returned, through the HANDLE structure specified by the lpvBuffer parameter, is suitable for use with either of these Win32 API calls.

It is important to note that, because the token is owned by IIS and not by your ISAPI extension, your extension should not call CloseHandle on the token. The token will be destroyed by IIS when the current request's EXTENSION_CONTROL_BLOCK is destroyed.