[英]Get real logged in user when impersonation is used
Here's a question that's hard to research... how would I obtain the name of the "real" user that is logged in, when impersonation is used? 这是一个很难研究的问题...使用模拟时,我如何获得登录的“真实”用户的名称? I'm aware that it's possible if I turned impersonation off and then back on, but that's difficult in my situation and am looking for something simpler.
我知道有可能我先关闭模拟然后再重新打开,但这在我的情况下很困难,并且正在寻找更简单的方法。
I've tried the following, which all point to the ImpersonationUser: Environment.UserName
WindowsIdentity.GetCurrent().Name
SystemInformation.Username
我尝试了以下内容,所有这些都指向ImpersonationUser:
Environment.UserName
WindowsIdentity.GetCurrent().Name
SystemInformation.Username
Here is the code that impersonates the user (not sure how much it helps): 这是模拟用户的代码(不确定它的帮助程度):
if (LogonUser(userName, "ABDATA", pwd, LogonSessionType.Interactive, LogonProvider.Default, ref this._userToken))
{
if (DuplicateToken(this._userToken, SecurityImpersonationLevel.SecurityImpersonation, ref this._impersonationToken))
{
this._identity = new WindowsIdentity(this._impersonationToken, "Kerberos", WindowsAccountType.Normal, true);
this._impersonationContext = this._identity.Impersonate();
System.Threading.Thread.CurrentPrincipal = new WindowsPrincipal(this._identity);
}
else
{
Marshal.ThrowExceptionForHR(Marshal.GetHRForLastWin32Error());
}
}
We basically want the permissions of this impersonation user so that it can access certain files, but want to be able to display the actual logged-in user's name for accountability purposes. 我们基本上需要该模拟用户的权限,以便它可以访问某些文件,但希望出于责任制目的而能够显示实际登录用户的名称。
Looking for any solution really.. Thanks. 真的在寻找任何解决方案..谢谢。
将用户详细信息缓存在ThreadStatic字段中 ?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.