[英]Impersonate a Active Directory user in MVC application with Windows Authentication
我正在为Intranet MVC应用程序构建管理模块。 该应用程序实现Windows身份验证(用户自动登录)。
目前,我基于其HttpContext.User.Identity数据来提供所有用户体验。
我需要做的是能够模拟用户,以便在他们遇到问题时可以复制他们的经验。
使用表单身份验证,这非常简单...
我尝试替换HttpContext中的IPrincipal.User对象,但这仅具有getter而不是setter。
任何指针将不胜感激。
谢谢。
using (new Impersonation()){
// now working in context of whatever user you want
}
这是班级
[PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
public class Impersonation : IDisposable
{
private readonly SafeTokenHandle _handle;
private readonly WindowsImpersonationContext _context;
//const int Logon32LogonNewCredentials = 9;
private const int Logon32LogonInteractive = 2;
public Impersonation()
{
var domain = "your domain;
var username = "the user";
var password = "their password";
var ok = LogonUser(username, domain, password, Logon32LogonInteractive, 0, out _handle);
if (!ok)
{
var errorCode = Marshal.GetLastWin32Error();
throw new ApplicationException(string.Format("Could not impersonate the elevated user. LogonUser returned error code {0}.", errorCode));
}
_context = WindowsIdentity.Impersonate(_handle.DangerousGetHandle());
}
public void Dispose()
{
_context.Dispose();
_handle.Dispose();
}
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle()
: base(true) { }
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{
return CloseHandle(handle);
}
}
}
在MVC中检索用户数据的Active Directory身份验证
[英]Active Directory Authentication with Retrieving User Data in MVC
ASP.NET MVC 5:应用程序池,Windows身份验证和Active Directory
[英]ASP.NET MVC 5: App Pool, Windows Authentication and Active Directory
ASP.NET MVC 4,Windows身份验证和Active Directory
[英]ASP.NET MVC 4, Windows Authentication and Active Directory
具有自定义角色和Active Directory的ASP MVC 5 Windows身份验证
[英]ASP MVC 5 Windows authentication with custom roles and Active Directory
使用Active Directory(AD)在MVC中实现Windows身份验证
[英]Implementing windows authentication in MVC using Active Directory (AD)
将活动目录组与Windows身份验证aspnet mvc 3集成
[英]integrating active directory group with windows authentication aspnet mvc 3
是否可以在 ASP.NET MVC 应用程序中将用户添加到 Active Directory?
[英]Is it possible to add a user to Active Directory in an ASP.NET MVC application?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.