How to use CreateProcessWithTokenW in Java using JNA

Question

We are using createProcessAsUser function to create a child process running in the context of logged in/Impersonated user using waffle and JNA libraries.

But we need to load the user profile after the impersonation, but the LoadUserProfile function is not available in a JNA library.

As we found that CreateProcessWithTokenW is capable of loading the user profile. But this function also not available in the JNA/Waffle library.

Could anyone help us how to load the user profile or how to use the CreateProcessWithTokenW in Java application.

Answer 1

To use CreateProcessWithTokenW from java with JNA you need to bind the function. JNA is just a layer, that makes it possible to call directly native library functions. For this to work JNA uses java descriptions of the native interface, which are then used to do the actual call.

The jna-platform contrib project (released together with the main project) contains a big number of already bound win32 functions and indeed in Advapi32.java there are already bindings for CreateProcessAsUser and CreateProcessWithLogonW. Based on that I would try this (UNTESTED!):

public interface Advapi32Ext extends StdCallLibrary {
    Advapi32Ext INSTANCE = Native.load("Advapi32", Advapi32Ext.class, W32APIOptions.DEFAULT_OPTIONS);

    boolean CreateProcessWithToken(
        HANDLE hToken,
        int dwLogonFlags,
        String lpApplicationName,
        String lpCommandLine,
        int dwCreationFlags,
        Pointer lpEnvironment,
        String lpCurrentDirectory,
        STARTUPINFO lpStartupInfo,
        PROCESS_INFORMATION lpProcessInfo
    );
}

This assumes that you run with the system property w32.ascii set to false or unset, which is the recommend setup. In that case the W32APIFunctionMapper.UNICODE is used, which appends the "W" suffix automatically. The then also selected W32APITypeMapper.UNICODE ensures, that java String objects are mapped to wchars or in case of a function call to LP*WSTR.