With K2 BlackPearl SP1 and 803, when you call the ImpersonateUser method on an instance of the Connection object in the SourceCode.Workflow.Client API, it always returns true, even if you pass an invalid username to the method. If you attempt to open the user's worklist (OpenWorklist method), it will return an empty worklist.
Obviously, you can workaround this different ways. If you are using Active Directory as your primary authentication provider, you could write .NET code like the following. to validate the user exists:
string UserName =
@"CarolM";
DirectoryEntry
de = new DirectoryEntry();
de.Path = "LDAP://DC=K2DEMO,DC=local";
de.AuthenticationType = AuthenticationTypes.Secure;
DirectorySearcher
deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
deSearch.Filter = "(&(objectClass=user) (cn=" +
UserName + "))";
SearchResultCollection
results = deSearch.FindAll();
if
(results.Count == 0)
{
MessageBox.Show("NOT THERE!!");
}
else
{
MessageBox.Show("FOUND ONE!");
}
(Remember you'll need to include System.DirectoryServices as a Reference in the project and include System.DirectoryServices namespace at the top of your code)
If you happen to be trying to Impersonate a user in the K2SQLUM database, you could also attempt to create a Process Instance after calling the ImpersonateUser method as follows:
ProcessInstance proc = conn.CreateProcessInstance(@"TestProjectTestProc")
This will cause a rights related related exception to be thrown, which you could catch using a try-catch block and handle accordingly in your application. This method call with not START a process instance, so nothing will actually be created on the server if you are impersonating a valid user. The problem with this approach is that you will need to make sure that the user has rights to start the
process in question IF you are impersonating a valid user. Anyone have any better ideas?
Regards,
Sam
