1

Creating a new process from Java web application using createProcessAsUser and waffle SSO impersonation. Everything works fine in chrome and any other browsers normal window, when I try to access the web application using incognito/private window, new process is not created, but didn't get any errors or warnings. I don't see any difference when I run it in normal/private mode. Any insights would be greatly helpful.

Calling with:

Advapi32.INSTANCE.CreateProcessAsUser(
    primaryToken.getValue(), 
    null,
    "" + batchFile + " " + workFlowId + " " + tokenAccount.name 
        + " >> " + fileName,
    null,
    null,
    false,
    WinNT.CREATE_NEW_CONSOLE | WinNT.CREATE_UNICODE_ENVIRONMENT, 
    environment,
    fileDirectory,
    startupInfo,
    processtartupInfo
)
Daniel Widdis
  • 8,424
  • 13
  • 41
  • 63
Chandru
  • 81
  • 1
  • 9
  • Show us the code you're using. Likely one of the arguments to the function (environment, perhaps) behaves differently. – Daniel Widdis Oct 05 '22 at 16:12
  • Thanks for the quick response Daniel Widdis! Code snippet: ```Advapi32.INSTANCE.CreateProcessAsUser(primaryToken.getValue(), null, ""+batchFile+" "+workFlowId+" "+tokenAccount.name+" >> "+fileName, null, null, false, WinNT.CREATE_NEW_CONSOLE | WinNT.CREATE_UNICODE_ENVIRONMENT, environment, fileDirectory, startupInfo, processtartupInfo)``` If you need further details about the code, Please let me know! – Chandru Oct 05 '22 at 16:54
  • Where does `environment` come from? Can you add logging to your code and compare the values of the environment, startupInfo, processstartupInfo, etc.? Find out which one is different for incognito. – Daniel Widdis Oct 05 '22 at 18:25
  • @DanielWiddis Environment, startupInfo, processstartinfo values are similar in both the cases. But when experimented it by changing ImpersonationLevel of DuplicateTokenEx from SecurityImpersonation to *SecurityDelegation*. it started working fine! it seems to be strange:) Thanks a lot Daniel ! – Chandru Oct 06 '22 at 16:33

1 Answers1

0

Change ImpersonationLevel of DuplicateTokenEx from SecurityImpersonation to SecurityDelegation

Chandru
  • 81
  • 1
  • 9