[英]ASP.NET impersonation works only when a user is specified in the web.config
First, I apologize is this a duplicate, but I really couldn't find a similar problem anywhere. 首先,很抱歉这是重复的,但是我真的在任何地方都找不到类似的问题。
The situation is I'm attempting to use the impersonation feature in asp.net to retrieve a file located on a network directory. 我正在尝试使用asp.net中的模拟功能来检索位于网络目录中的文件。 When I specify the user in the web.config, it works fine:
当我在web.config中指定用户时,它可以正常工作:
<identity impersonate="true" userName="contoso\Jane" password="********" />
However, when I try using the following, I recieve a prompt to login to the site, which I'm never able to do successfully. 但是,当我尝试使用以下内容时,会收到提示登录该站点的提示,但我从未成功完成该操作。
<identity impersonate="true"/>
My understanding of the latter example is that it will attempt to impersonate with the windows credential of whomever is currently viewing the page (via windows authentication). 我对后一个示例的理解是,它将尝试模拟当前正在查看页面的任何人的Windows凭据(通过Windows身份验证)。 Is this not correct?
这不正确吗?
I should note, I do have windows authentication working properly in other areas of the app. 我应该注意,我确实在应用程序的其他区域中使Windows身份验证正常工作。
Thanks 谢谢
EDIT 编辑
I should also mention, this is running on II6... and it just "feels" like a configuration issue... 我还应该提到,这是在II6上运行的...就像配置问题一样“感觉” ...
I would go a other way with a extra class Impersonate.cs and You need a user, a password and a Domain. 我会使用其他类Impersonate.cs进行其他选择,您需要一个用户,一个密码和一个域。
Imperosnate.cs : Imperosnate.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.IO;
using System.Text;
using System.Web;
namespace [YourProgramName] //You must change it
{
public class Impersonate
{
[DllImport("advapi32.dll", SetLastError = true)]
private static extern int LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
int dwLogonType, int dwLogonProvider, out int phToken);
[DllImport("kernel32.dll")]
private static extern int FormatMessage(int dwFlags, string lpSource, int dwMessageId, int dwLanguageId,
StringBuilder lpBuffer, int nSize, string[] Arguments);
private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
private const int LOGON32_PROVIDER_DEFAULT = 0;
private const int FORMAT_MESSAGE_FROM_SYSTEM = 0x1000;
private static WindowsImpersonationContext winImpersonationContext = null;
public static void ImpersonateUser(string domain, string userName, string password)
{
//Benutzer einloggen
int userToken = 0;
bool loggedOn = (LogonUser(userName, domain, password, LOGON32_LOGON_NETWORK_CLEARTEXT,
LOGON32_PROVIDER_DEFAULT, out userToken) != 0);
if (loggedOn == false)
{
int apiError = Marshal.GetLastWin32Error();
StringBuilder errorMessage = new StringBuilder(1024);
FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, null, apiError, 0, errorMessage, 1024, null);
throw new Exception(errorMessage.ToString());
}
WindowsIdentity identity = new WindowsIdentity((IntPtr)userToken);
winImpersonationContext = identity.Impersonate();
}
public static void UndoImpersonation()
{
if (winImpersonationContext != null)
{
winImpersonationContext.Undo();
}
}
}
}
Use it in your program: 在程序中使用它:
string Admin = Properties.Settings.Default.Admin;
string AdminPassword = Properties.Settings.Default.AdminPassword;
string Domain = Properties.Settings.Default.Domain;
Impersonate.ImpersonateUser(Domain , Admin , AdminPassword);
//Your Code as the new User
Impersonate.UndoImpersonation();
hope it is what you search ^^ 希望这是您搜索的^^
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.