Hello,

I created a WindowsIdentity object using the WindowsIdentity(IntPtr)
constructor passing it a token I received from a call to the LogonUser API
function.
Why is IsAuthenticated returning false although I just authenticated
the user by calling LogonUser ? Is this a bug or am I misinterpreting
something ?

hi Michael,

I can't tell why this is this way, but create your WindowsIdentity object
with a call such as:
WindowsIdentity i = new WindowsIdentity(token, "NTLM",
WindowsAccountType.Normal, true)

Where 'token' is the returned token from the 'LogonUserA' API call (I'm
using the 'A' version but the regular 'LogonUser' call should work the same).

You'll see that the identity returned has the authentication type you've
specified (and you can set anything else than 'NTLM' for your custom
purposes), and will have 'IsAuthenticated' set to 'true', as per the last
parameter.

Why would someone create a WindowsIdentity which is not authenticated is
going well over my head, as to me the purpose of creating such an identity is
to authenticate a user.... anyway, use the above call and you'll be able to
assign your identity to a WindowsPrincipal that will behave as a fully
authenticated user, which can be handy for example in a custom authentication
module that as well sets the current user to a WindowsPrincipal object.

Regards,

Arnaud Richichard

[quoted text, click to view]