用户模拟asp.net表单身份验证
[英]User impersonation with asp.net forms authentication
问题描述
I've written a small ASP.NET 3.5 application to allow users to update selected account attributes on their own. 
我编写了一个小的ASP.NET 3.5应用程序,允许用户自己更新所选的帐户属性。
Everything works fine when I use Basic Authentication, but because the dialog that is presented is less than ideal, I'd like to use forms authentication to give the users more instruction on how to log in. 当我使用基本身份验证时,一切正常,但由于显示的对话框不太理想,我想使用表单身份验证为用户提供有关如何登录的更多说明。
My problem is that in order for the user to update their account information, I have to have the application impersonate them for the update actions. 我的问题是,为了让用户更新他们的帐户信息,我必须让应用程序模拟他们进行更新操作。
I've scoured the internet trying to find a solution to my issue, but nothing fits or works. 我在互联网上搜寻试图找到解决问题的办法,但没有任何内容适合或有效。 I have tried setting the web.config : 我试过设置web.config :
<identity impersonate="true">
but that doesn't seem to work. 但这似乎不起作用。 I also have the C# code using the WindowsImpersonationContext class, but still no luck. 我也使用WindowsImpersonationContext类的C#代码,但仍然没有运气。
protected void titleTextBox_TextChanged(object sender, EventArgs e)
{
TextBox tb = (TextBox)sender;
string fieldTitle = "job title";
string fieldName = "title";
if (userDirectoryEntry == null)
CaptureUserIdentity();
try
{
WindowsImpersonationContext impersonationContext = userWindowsIdentity.Impersonate();
if (String.IsNullOrEmpty(tb.Text))
userDirectoryEntry.Properties[fieldName].Clear();
else
userDirectoryEntry.InvokeSet(fieldName, tb.Text);
userDirectoryEntry.CommitChanges();
impersonationContext.Undo();
PostBackMessages.Add(fieldTitle, "");
}
catch (Exception E)
{
PostBackMessages.Add(fieldTitle, E.Message);
}
}
I also tried using the LogonUser method to create a user token and backend the authentication that way, and it doesn't work either. 我还尝试使用LogonUser方法创建用户令牌并以这种方式后端进行身份验证,但它也不起作用。
IntPtr token = IntPtr.Zero;
bool result = LogonUser(userName, domainName, passwordTB.Text, LogonSessionType.Network, LogonProvider.Default, out token);
if (result)
{
WindowsPrincipal wp = new WindowsPrincipal(new WindowsIdentity(token));
System.Threading.Thread.CurrentPrincipal = wp;
HttpContext.Current.User = wp;
if (Request.QueryString["ReturnUrl"] != null)
{
FormsAuthentication.RedirectFromLoginPage(usernameTB.Text, false);
}
else
{
FormsAuthentication.SetAuthCookie(usernameTB.Text, false);
}
}
I just can't help but think that I'm missing something incredibly simple... 我不禁想到我错过了一些非常简单的东西......
1 个解决方案
解决方案1
1 2010-09-03 14:20:39
Have you enabled Windows Authentication and disabled Anonymous Authentication in IIS? 您是否在IIS中启用了Windows身份验证并禁用了匿名身份验证?
If impersonation is enabled in an ASP.NET application then: 如果在ASP.NET应用程序中启用了模拟,则:
• If anonymous access is enabled in IIS, the request is made using the IUSR_machinename account. •如果在IIS中启用了匿名访问,则使用IUSR_machinename帐户发出请求。
• If anonymous access is disabled in IIS, the request is made using the account of the authenticated user. •如果在IIS中禁用了匿名访问,则使用经过身份验证的用户的帐户进行请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.