Impersonation in ASP.NET Failing

What I am attempting to do seems very simple in principle. There is a directory which contains documents that I need to provide to my users; however, the account under which IIS is running does not have access. So what I am attempting to do is use impersonation to open the document in a .ashx with an account that does have access and write the document to the response stream. Unfortunately, unless I am hosting the website in an instance of Visual Studio which I am running as an administrator, the code snippet below fails on using (Stream fileStream = new FileStream(@"c:\\test3.pdf", FileMode.Open)) with System.UnauthorizedAccessException. This doesn't seem to make sense, as impersonation seems to have taken effect: WindowsIdentity.GetCurrent().Name returns the name of my test account, and the test account does have access to open the document. It seems like I am missing something very simple here; does anyone know what it is? I appreciate any help!!!!

<%@ WebHandler Language="C#" Class="PDFHandler" %>

using System;
using System.Web;
using System.IO;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.Threading;

public class PDFHandler : IHttpHandler {

    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool LogonUser(
            String lpszUsername,
            String lpszDomain,
            String lpszPassword,
            int dwLogonType,
            int dwLogonProvider,
            ref IntPtr phToken);
    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool RevertToSelf();


    public void ProcessRequest (HttpContext context) {
        context.Response.Clear();
        context.Response.ClearContent();
        context.Response.ClearHeaders();
        context.Response.ContentType = "application/pdf";
        byte[] result = null;

        IntPtr admin_token = default(IntPtr);
        WindowsIdentity wid_current = WindowsIdentity.GetCurrent();
        WindowsIdentity wid_admin = null;
        WindowsImpersonationContext wic = null;

        RevertToSelf();

        if (LogonUser("test account", "Odysseus", "test", 2, 0, ref admin_token) == true)
        {
            wid_admin = new WindowsIdentity(admin_token);
            wic = wid_admin.Impersonate();
            using (Stream fileStream = new FileStream(@"c:\test3.pdf", FileMode.Open))
            {
                result = ReadFully(fileStream);

                fileStream.Close();
            }
        }
        else
        {
            //login failed
        }

        context.Response.BinaryWrite(result);
        context.Response.Flush();
    }

    public static byte[] ReadFully(Stream input)
    {
        byte[] returnValue;

        byte[] buffer = new byte[16 * 1024];
        using (MemoryStream ms = new MemoryStream())
        {
            int read;
            while ((read = input.Read(buffer, 0, buffer.Length)) > 0)
            {
                ms.Write(buffer, 0, read);
            }
            returnValue = ms.ToArray();
        }

        return returnValue;
    }

    public bool IsReusable {
        get {
            return false;
        }
    }

}

You could move this page to a new folder and add a web.config file. Then use the identity tag to enable impersonation. Read the remarks on how to encrypt the username and password to the registry.

Read the 'Alternatives' section on this article.
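For the programmatic route in the question, a scoped version of the same LogonUser impersonation is sketched below as an added example (not code from the question or the answers). It asks for read access only, because FileStream(path, FileMode.Open) requests read/write access, and it reverts the thread and closes the token on every path. The ImpersonatedFile class, the ReadAs helper and its parameters are hypothetical names, and .NET Framework 4 or later is assumed.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Security.Principal;

// Added example: ImpersonatedFile and ReadAs are hypothetical names, not part of the original post.
public static class ImpersonatedFile
{
    const int LOGON32_LOGON_INTERACTIVE = 2;   // same logon type the question passes
    const int LOGON32_PROVIDER_DEFAULT = 0;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out IntPtr token);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);

    // Credentials are supplied by the caller (for example from protected configuration).
    public static byte[] ReadAs(string user, string domain, string password, string path)
    {
        IntPtr token;
        if (!LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE,
                       LOGON32_PROVIDER_DEFAULT, out token))
            throw new Win32Exception(Marshal.GetLastWin32Error()); // surface the logon failure

        try
        {
            using (WindowsIdentity id = new WindowsIdentity(token))
            using (WindowsImpersonationContext ctx = id.Impersonate())
            // Read access only: FileStream(path, FileMode.Open) would request read/write.
            using (FileStream fs = new FileStream(path, FileMode.Open,
                                                  FileAccess.Read, FileShare.Read))
            using (MemoryStream ms = new MemoryStream())
            {
                fs.CopyTo(ms);
                return ms.ToArray();
            } // disposing ctx reverts the thread to the worker-process identity
        }
        finally
        {
            // WindowsIdentity duplicates the token, so the original handle must be closed here.
            CloseHandle(token);
        }
    }
}
```

The handler would call ImpersonatedFile.ReadAs(...) and write the returned bytes to the response only after the call succeeds, so a failed logon or access check never reaches BinaryWrite with a null buffer.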
