Microsoft Internet Security and Acceleration Server 2000

IFWXSession::ImpersonateClient Method

Calls IFWXImpersonator::Impersonate so that a filter can impersonate the authenticated user for this session.

HRESULT ImpersonateClient()

Return Values

The user is allowed to access the host.
Could not impersonate because the session is not authenticated.


This function will fail if the current session user is not authenticated. This could be either because the session belongs to a SecureNAT client, or because the Firewall service currently does not require authentication.

Authentication can be forced by adding a rule that requires authentication, for example, a rule that denies a specific user access to a particular site. Authentication can also be forced by setting the default rule to apply to the group Everyone instead of to Any request.

This method is used specifically by application filters for sessions created by the Firewall service or by other filters. Impersonation on behalf of the Firewall service for a session created by a particular filter is performed by that same filter through the IFWXImpersonator interface.

See Also