Question : Custom Search Page and Impersonation

Hi,

We have created a custom search page for SharePoint that takes a username on the querystring and then tries to impersonate that user before performing the search. We have configured the correct Kerberos authentication to allow for impersonation etc. However, it fails with the following error:

"An error occurred loading a configuration file: Either a required impersonation level was not provided, or the provided impersonation level is invalid"

using System.Security.Principal;
using Microsoft.Office.Server.Search.Query;

.....stuff...

name = "[email protected]";
WindowsIdentity id = new WindowsIdentity(name);
WindowsPrincipal p = new WindowsPrincipal(id);

// impersonate temporarily
WindowsImpersonationContext wic = id.Impersonate();

try
{
    SPSite siteCollection = new SPSite("http://intranet.demo.com/sites/searchsitecollection");
    String queryText = “Hello World”;
    String query = String.Format("SELECT Title, Path FROM Scope() WHERE \"scope\"='All Sites' AND CONTAINS('\"{0}\"')", queryText);

    FullTextSqlQuery qry = new FullTextSqlQuery(siteCollection);
    qry.ResultTypes = ResultType.RelevantResults;
    qry.TrimDuplicates = false;
    qry.KeywordInclusion = KeywordInclusion.AnyKeyword;
    qry.QueryText = query;
    qry.RowLimit = 200;


    ResultTableCollection resultTbls;

    resultTbls = qry.Execute();

    ResultTable resultsTab = resultTbls[ResultType.RelevantResults];
    while (resultsTab.Read())
    {
                //Do stuff
    }
}
finally
{
     // restore our old security context
     wic.Undo();  
}

Answer : Custom Search Page and Impersonation

The code below is "air code" (not tested). I still think it would be better to use a query based on your actual tables instead of Query2, but in the end you need a solution that you can maintain, so it's your call.

(°v°)
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:

    Dim strSQL As String
    Dim varID
    
    strSQL = "SELECT * FROM tbl_survey WHERE survey_year='2010'"
    With CurrentDb.OpenRecordset(strSQL, dbOpenDynaset)
        Do Until .EOF
            varID = DLookup("ID","Query2","part_rate='52' and ID=" & !ID)
            If Not IsNull(varID) Then
                .Edit
                !service = True
                .Update
            End If
            .MoveNext
        Loop
        .Close
    End With
Random Solutions  
 
programming4us programming4us