How to get an Alfresco registration ticket without a user password, but impersonating a user with a user principal name (UPN)

I am writing a DLL whose function is to get an Alfresco registration ticket without using a user password, using only the user principal name (UPN). I call the Alfresco REST API service alfresco/wcservice. I am using NTLM in Alfresco.

I impersonate users using the WindowsIdentity constructor as described here: http://msdn.microsoft.com/en-us/library/ms998351.aspx#paght000023_impersonatingbyusingwindowsidentity . I checked and the user is impersonated correctly (I checked the property WindowsIdentity.GetCurrent().Name).

After impersonating the user, I try to make an HttpWebRequest and set its credentials using CredentialCache.DefaultNetworkCredentials. I get an error message:

The remote server returned an error: (401) Unauthorized.
   at System.Net.HttpWebRequest.GetResponse()

When I use new NetworkCredential("username", "P@ssw0rd") to set the request credentials, I get an Alfresco entry ticket (HttpStatusCode.OK, 200).

Is there a way that I can get an Alfresco entry ticket without a user password?

Here is the code I'm using:

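using System;
using System.IO;
using System.Net;
using System.Security.Principal;

private string GetTicket(string UPN) {
 // Builds a token for the user from the UPN alone (no password)
 WindowsIdentity identity = new WindowsIdentity(UPN);
 WindowsImpersonationContext context = null;

 try {
  context = identity.Impersonate();

  // Return the response so that every code path returns a value
  return MakeWebRequest();
 }
 catch (Exception e) {
  return e.Message + Environment.NewLine + e.StackTrace;
 }
 finally {
  // Always revert to the original identity
  if (context != null) {
   context.Undo();
  }
 }
}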

private string MakeWebRequest() {
 string URI = "http://alfrescoserver/alfresco/wcservice/mg/util/login";


 HttpWebRequest request = WebRequest.Create(URI) as HttpWebRequest;

 request.CookieContainer = new CookieContainer(1);

 //request.Credentials = new NetworkCredential("username", "p@ssw0rd"); // It works with this
 request.Credentials = CredentialCache.DefaultNetworkCredentials;  // It doesn’t work with this
 //request.Credentials = CredentialCache.DefaultCredentials;    // It doesn’t work with this either

 try {
  using (HttpWebResponse response = request.GetResponse() as HttpWebResponse) {
   StreamReader sr = new StreamReader(response.GetResponseStream());

   return sr.ReadToEnd();
  }
 }
 catch (Exception e) {
  return (e.Message + Environment.NewLine + e.StackTrace);
 }
}

Here are the entries from Alfresco stdout.log (if that helps anyway):

17:18:04,550  DEBUG [app.servlet.NTLMAuthenticationFilter] Processing request: /alfresco/wcservice/mg/util/login SID:7453F7BD4FD2E6A61AD40A31A37733A5
17:18:04,550  DEBUG [web.scripts.DeclarativeRegistry] Web Script index lookup for uri /mg/util/login took 0.526239ms
17:18:04,550  DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 10.**.**.** (10.**.**.**:1229)
17:18:04,566  DEBUG [app.servlet.NTLMAuthenticationFilter] Processing request: /alfresco/wcservice/mg/util/login SID:7453F7BD4FD2E6A61AD40A31A37733A5
17:18:04,566  DEBUG [web.scripts.DeclarativeRegistry] Web Script index lookup for uri /mg/util/login took 0.400909ms
17:18:04,566  DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0xe20882b7,Domain:<NotSet>,Wks:<NotSet>]
17:18:04,566  DEBUG [app.servlet.NTLMAuthenticationFilter] Client domain null
17:18:04,675  DEBUG [app.servlet.NTLMAuthenticationFilter] Sending NTLM type2 to client - [Type2:0x80000283,Target:AlfrescoServerA,Ch:197e2631cc3f9e0a]
+3
2 answers

I solved the problem!

I believe that we had a problem with two transitions.

This is what needed to be done to solve this problem:

  • , DLL, Windows Server 2003
  • , DLL, , (, DLL)
  • , DLL, ,
  • , DLL, ( Kerberos) Trust ( Windows Server 2003 , )
  • , DLL, TrustedToAuthForDelegation (UAC) true
  • , , DLL Trust computer (Kerberos ) ,

( ) Microsoft Kerberos. :

  • Active Directory,
  • ,
  • ,
  • Back-end

  • .

TrustedToAuthForDelegation (UAC) PowerShell Active Directory, .

Windows ASP.NET 2.0.

, Alfresco Kerberos.

+4
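
A check for the delegation setting named in the answer above, added here as an example that is not part of the original thread: it reports whether an account is configured for Kerberos protocol transition towards a given service. The function name, the host name APPSERVER01 and the SPN HTTP/alfrescoserver (derived from the URL in the question) are assumptions; the comparison is an exact string match, so use the SPN exactly as it is registered.

```powershell
# Added example: evaluates the delegation settings of the account that runs the DLL.
# TrustedForDelegation, TrustedToAuthForDelegation and msDS-AllowedToDelegateTo are
# properties returned by Get-ADComputer / Get-ADUser; everything else is hypothetical.
function Test-ProtocolTransition {
    param(
        [Parameter(Mandatory)] $Account,            # object from Get-ADComputer / Get-ADUser
        [Parameter(Mandatory)] [string] $TargetSpn  # service the DLL calls on behalf of the user
    )
    $allowed  = @($Account.'msDS-AllowedToDelegateTo')
    $findings = @()

    if ($Account.TrustedForDelegation) {
        $findings += 'Unconstrained delegation is enabled; restrict it to specified services.'
    }
    if (-not $Account.TrustedToAuthForDelegation) {
        $findings += 'TrustedToAuthForDelegation is false: a token built from a UPN alone cannot authenticate to a second server.'
    }
    if ($allowed -notcontains $TargetSpn) {
        $findings += "SPN '$TargetSpn' is not listed in msDS-AllowedToDelegateTo."
    }

    [pscustomobject]@{
        Account  = $Account.Name
        Ready    = ($findings.Count -eq 0)
        Findings = $findings
    }
}

# Live use (requires the ActiveDirectory module; the host name is a placeholder):
# $acct = Get-ADComputer 'APPSERVER01' -Properties TrustedForDelegation,
#             TrustedToAuthForDelegation, 'msDS-AllowedToDelegateTo'

# Constructed sample object so the function can be tried without a domain.
$sample = [pscustomobject]@{
    Name                       = 'APPSERVER01'
    TrustedForDelegation       = $false
    TrustedToAuthForDelegation = $false
    'msDS-AllowedToDelegateTo' = @('HTTP/alfrescoserver')
}

Test-ProtocolTransition -Account $sample -TargetSpn 'HTTP/alfrescoserver' | Format-List
```

With the constructed sample, Ready is False and the single finding is the missing TrustedToAuthForDelegation flag.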

, Alfresco. , "" .

, "" .

request.Credentials = NetworkCredential ( "" , "" );

URI, - :

string URI = "http://alfrescoserver/alfresco/s/api/login , .

. Paco

+1

Source: https://habr.com/ru/post/1784117/

