堆棧內存溢出
  簡體   English   中英

在代碼隱藏中模仿用戶

[英]Impersonate user in codebehind

 原文  2010-12-22 00:32:46       asp.net/ vb.net/ impersonation

問題描述

我想模擬代碼中的特定用戶在遠程計算機上執行某些文件操作。 我遇到的問題是我無法模仿工作。 我正在使用此處的Microsoft文章中的代碼: 如何在ASP.NET應用程序中實現模擬

我想指導如何/在哪里開始調試過程。 這是我的文件:

Test.aspx文件中: 

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Test.aspx.vb" Inherits="TraceFile_Test" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    This is the test page!<br />
    <br />
    Result: <asp:Label ID="lblResult" runat="server"></asp:Label><br />
    <br />
    <asp:Button ID="btnRunTest" Text="Run Test" runat="server" />
    </div>
    </form>
</body>
</html>

Test.aspx.vb: 

Imports System.Web
Imports System.Web.Security
Imports System.Security.Principal
Imports System.Runtime.InteropServices

Partial Class TraceFile_Test
    Inherits System.Web.UI.Page


    Dim LOGON32_LOGON_INTERACTIVE As Integer = 2
    Dim LOGON32_PROVIDER_DEFAULT As Integer = 0

    Dim impersonationContext As WindowsImpersonationContext

    Declare Function LogonUserA Lib "advapi32.dll" (ByVal lpszUsername As String, _
                            ByVal lpszDomain As String, _
                            ByVal lpszPassword As String, _
                            ByVal dwLogonType As Integer, _
                            ByVal dwLogonProvider As Integer, _
                            ByRef phToken As IntPtr) As Integer

    Declare Auto Function DuplicateToken Lib "advapi32.dll" ( _
                            ByVal ExistingTokenHandle As IntPtr, _
                            ByVal ImpersonationLevel As Integer, _
                            ByRef DuplicateTokenHandle As IntPtr) As Integer

    Declare Auto Function RevertToSelf Lib "advapi32.dll" () As Long
    Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Long


    Public Sub Page_Load(ByVal s As Object, ByVal e As EventArgs)
        lblResult.Text = "Hit button to run test, please."
    End Sub

    Private Function impersonateValidUser(ByVal userName As String, _
    ByVal domain As String, ByVal password As String) As Boolean

        Dim tempWindowsIdentity As WindowsIdentity
        Dim token As IntPtr = IntPtr.Zero
        Dim tokenDuplicate As IntPtr = IntPtr.Zero
        impersonateValidUser = False

        If RevertToSelf() Then
            If LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
                If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
                    tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
                    impersonationContext = tempWindowsIdentity.Impersonate()
                    If Not impersonationContext Is Nothing Then
                        impersonateValidUser = True
                    End If
                End If
            End If
        End If
        If Not tokenDuplicate.Equals(IntPtr.Zero) Then
            CloseHandle(tokenDuplicate)
        End If
        If Not token.Equals(IntPtr.Zero) Then
            CloseHandle(token)
        End If
    End Function

    Private Sub undoImpersonation()
        impersonationContext.Undo()
    End Sub


    Protected Sub btnRunTest_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnRunTest.Click
        If impersonateValidUser("myUserName", "myDomain", "myPassword") Then
            'Insert your code that runs under the security context of a specific user here.
            Trace.Write("impersonation successful!")
            lblResult.Text = "success"
            undoImpersonation()
        Else
            'Your impersonation failed. Therefore, include a fail-safe mechanism here.
            Trace.Write("impersonation failed!")
            lblResult.Text = "fail"
        End If
    End Sub
End Class

我使用myUserName,myDomain和myPassword替換了真實憑據。

Web服務器是運行IIS 7的Windows 2008服務器。我不是服務器人,所以我不知道在哪里進行故障排除。 問題是代碼還是服務器端?

一如既往,感謝您提前花時間幫忙!

1 個解決方案

解決方案1
 9 已采納  2011-01-05 16:42:22

這是我在制作中使用的代碼。

第一堂課,與你的非常相似: 

Imports System.Security.Principal
Imports System.Security.Permissions
Imports System.Diagnostics
Imports System.Runtime.InteropServices
Imports System.Security

Public Class LogonAPI
    Public Const SECURITY_IMPERSONATION_LEVEL_SecurityAnonymous As Integer = 0
    Public Const SECURITY_IMPERSONATION_LEVEL_SecurityIdentification As Integer = 1
    Public Const SECURITY_IMPERSONATION_LEVEL_SecurityImpersonation As Integer = 2
    Public Const SECURITY_IMPERSONATION_LEVEL_SecurityDelegation As Integer = 3

    Public Const LOGON32_PROVIDER_DEFAULT As Integer = 0
    Public Const LOGON32_PROVIDER_WINNT35 As Integer = 1
    Public Const LOGON32_PROVIDER_WINNT40 As Integer = 2
    Public Const LOGON32_PROVIDER_WINNT50 As Integer = 3

    Public Const LOGON32_LOGON_INTERACTIVE As Integer = 2
    Public Const LOGON32_LOGON_NETWORK As Integer = 3
    Public Const LOGON32_LOGON_BATCH As Integer = 4
    Public Const LOGON32_LOGON_SERVICE As Integer = 5
    Public Const LOGON32_LOGON_UNLOCK As Integer = 7
    Public Const LOGON32_LOGON_NETWORK_CLEARTEXT As Integer = 8
    Public Const LOGON32_LOGON_NEW_CREDENTIALS As Integer = 9

    Public Const ERROR_LOGON_FAILURE As Integer = 1326

    <DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
    Public Shared Function LogonUser(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean
    End Function

    <DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
    Public Shared Function RevertToSelf() As Boolean
    End Function

    <DllImport("kernel32.dll", CharSet:=CharSet.Auto)> _
    Public Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
    End Function

    <DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
    Public Shared Function DuplicateToken(ByVal hToken As IntPtr, ByVal impersonationLevel As Integer, ByRef hNewToken As IntPtr) As Integer
    End Function

    Public Shared Function Login(ByVal Username As String, ByVal Domain As String, ByVal Password As String) As WindowsIdentity
        Dim secPerm As New SecurityPermission(SecurityPermissionFlag.UnmanagedCode)
        secPerm.Assert()

        Dim user As WindowsIdentity = Nothing

        Dim refToken As IntPtr = IntPtr.Zero
        Dim loggedIn As Boolean

        loggedIn = LogonAPI.LogonUser(Username, Domain, Password, LogonAPI.LOGON32_LOGON_NETWORK_CLEARTEXT, LogonAPI.LOGON32_PROVIDER_DEFAULT, refToken)

        If loggedIn = True Then
            user = New WindowsIdentity(refToken, "NTLM", WindowsAccountType.Normal, True)
        End If
        CodeAccessPermission.RevertAssert()

        Return user
    End Function
End Class

我通過調用來測試它: 

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    Dim ident As WindowsIdentity = LogonAPI.Login("user", "Domain", "password")

    Dim imp = ident.Impersonate()

    'impersonation code
    Response.Write("Impersonating")

    imp.Undo()
End Sub

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 使用表單授權模擬用戶 如何模擬其他用戶? 如何模擬用戶CRM 2011用戶? 模擬HttpHandler中的經過身份驗證的用戶以進行WCF調用 如何在Web服務中模擬AD用戶? 模擬來自多個呼叫者的WCF中的用戶 在ASP.NET中模擬成員資格用戶 ADOMD.net模擬Windows用戶ID 嘗試模擬時出現WCF用戶身份問題 可以在機器之間復制cookie來冒充用戶嗎?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM