使用模拟时获得真实的登录用户

Question

Here's a question that's hard to research... how would I obtain the name of the "real" user that is logged in, when impersonation is used? I'm aware that it's possible if I turned impersonation off and then back on, but that's difficult in my situation and am looking for something simpler.

I've tried the following, which all point to the ImpersonationUser: Environment.UserName WindowsIdentity.GetCurrent().Name SystemInformation.Username

Here is the code that impersonates the user (not sure how much it helps):

        if (LogonUser(userName, "ABDATA", pwd, LogonSessionType.Interactive, LogonProvider.Default, ref this._userToken))
        {
            if (DuplicateToken(this._userToken, SecurityImpersonationLevel.SecurityImpersonation, ref this._impersonationToken))
            {
                this._identity = new WindowsIdentity(this._impersonationToken, "Kerberos", WindowsAccountType.Normal, true);
                this._impersonationContext = this._identity.Impersonate();
                System.Threading.Thread.CurrentPrincipal = new WindowsPrincipal(this._identity);
            }
            else
            {
                Marshal.ThrowExceptionForHR(Marshal.GetHRForLastWin32Error());
            }
        }

We basically want the permissions of this impersonation user so that it can access certain files, but want to be able to display the actual logged-in user's name for accountability purposes.

Looking for any solution really.. Thanks.

Answer 1

将用户详细信息缓存在ThreadStatic字段中 ？