[英]to check for administrator
I have developed a web application and only the user that has the administrator role can access it and no one else.. 我已经开发了一个Web应用程序,只有具有管理员角色的用户才能访问它,而没有其他人可以访问。
I am having difficulty trying to figure out if the user is administrator or not//// 我很难弄清楚用户是否是管理员////
My code for login page is 我的登录页面代码是
public partial class LoginPage : System.Web.UI.Page
{
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;
//WindowsImpersonationContext impersonationContext;
[DllImport("advapi32.dll")]
public static extern int LogonUserA(String lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern int DuplicateToken(IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern bool RevertToSelf();
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public static extern bool CloseHandle(IntPtr handle);
protected void LoginButton_Click(object sender, EventArgs e)
{
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
if(LogonUserA(UserName.Text, Domain.Text, Password.Text, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
System.Security.Principal.WindowsIdentity wi = System.Security.Principal.WindowsIdentity.GetCurrent();
System.Security.Principal.WindowsPrincipal wp = new System.Security.Principal.WindowsPrincipal(wi);
if (wp.IsInRole("Administrators"))
{
BadCredentials.Visible = false;
Session["userName"] = UserName.Text;
Session["password"] = Password.Text;
Session["domain"] = Domain.Text;
FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
}
else
{
BadCredentials.Visible = true;
Label1.Text = wp.Identity.ToString();
Label2.Text = wi.Name.ToString();
Label3.Text = "not Admin";
}
}
else
{
BadCredentials.Visible = true;
Label4.Text = "not valid user";
}
When i put Administrator and the password 当我输入管理员和密码时
In this the Label2.text gives me 在这个Label2.text给我
XYZCOMP\\IUSR_XYZCOMP
XYZCOMP \\ IUSR_XYZCOMP
and does not go to the next page.... 并且不会转到下一页。
any help please... thanks 任何帮助请...谢谢
I am using forms authentication 我正在使用表单身份验证
> <authentication mode="Forms"> <forms
> name="AuthCookie"
> LoginUrl="Login.aspx" timeout = "60"
> /> </authentication> <authorization>
> <deny users="?" />
> <allow users="*" />
> </authorization>
I think your problem is in this line: 我认为您的问题出在以下方面:
wi = System.Security.Principal.WindowsIdentity.GetCurrent();
Try changing it to 尝试将其更改为
wi = (WindowsIdentity)HttpContext.Current.User.Identity;
If you are using Windows Authentication to get onto the site then you can simply use the web.config to restrict who has access to the site: 如果您使用Windows身份验证进入该站点,则只需使用web.config来限制谁可以访问该站点:
<authentication mode="Windows"/>
<authorization>
<allow role="DOMAIN\Administrator"/>
<deny users="*"/>
</authorization>
Is that what you want? 那是你要的吗?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.