User Impersonation with the User Token
Two primary ways exist to create the SPSite as a security context. One way is to use the current Windows or Forms identity, which is the default method whether you are accessing the site from the WSS Web application or an administrative console. This is also the method used with the SPSecurity.RunWithElevatedPrivileges delegate—the current principal that happens to be SHAREPOINT\system is used to create the site security context.
The other way to create the SPSite is by using an SPUserToken object. The SPUserToken is the token created upon authentication. It references the principal of the user from either Active Directory or the identity store with its groups and roles. In the case of a Windows identity, ...
Get Inside Microsoft® Windows® SharePoint® Services 3.0 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.