[英]Impersonate user in codebehind
我想模擬代碼中的特定用戶在遠程計算機上執行某些文件操作。 我遇到的問題是我無法模仿工作。 我正在使用此處的Microsoft文章中的代碼: 如何在ASP.NET應用程序中實現模擬
我想指導如何/在哪里開始調試過程。 這是我的文件:
Test.aspx文件中:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Test.aspx.vb" Inherits="TraceFile_Test" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
This is the test page!<br />
<br />
Result: <asp:Label ID="lblResult" runat="server"></asp:Label><br />
<br />
<asp:Button ID="btnRunTest" Text="Run Test" runat="server" />
</div>
</form>
</body>
</html>
Test.aspx.vb:
Imports System.Web
Imports System.Web.Security
Imports System.Security.Principal
Imports System.Runtime.InteropServices
Partial Class TraceFile_Test
Inherits System.Web.UI.Page
Dim LOGON32_LOGON_INTERACTIVE As Integer = 2
Dim LOGON32_PROVIDER_DEFAULT As Integer = 0
Dim impersonationContext As WindowsImpersonationContext
Declare Function LogonUserA Lib "advapi32.dll" (ByVal lpszUsername As String, _
ByVal lpszDomain As String, _
ByVal lpszPassword As String, _
ByVal dwLogonType As Integer, _
ByVal dwLogonProvider As Integer, _
ByRef phToken As IntPtr) As Integer
Declare Auto Function DuplicateToken Lib "advapi32.dll" ( _
ByVal ExistingTokenHandle As IntPtr, _
ByVal ImpersonationLevel As Integer, _
ByRef DuplicateTokenHandle As IntPtr) As Integer
Declare Auto Function RevertToSelf Lib "advapi32.dll" () As Long
Declare Auto Function CloseHandle Lib "kernel32.dll" (ByVal handle As IntPtr) As Long
Public Sub Page_Load(ByVal s As Object, ByVal e As EventArgs)
lblResult.Text = "Hit button to run test, please."
End Sub
Private Function impersonateValidUser(ByVal userName As String, _
ByVal domain As String, ByVal password As String) As Boolean
Dim tempWindowsIdentity As WindowsIdentity
Dim token As IntPtr = IntPtr.Zero
Dim tokenDuplicate As IntPtr = IntPtr.Zero
impersonateValidUser = False
If RevertToSelf() Then
If LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, token) <> 0 Then
If DuplicateToken(token, 2, tokenDuplicate) <> 0 Then
tempWindowsIdentity = New WindowsIdentity(tokenDuplicate)
impersonationContext = tempWindowsIdentity.Impersonate()
If Not impersonationContext Is Nothing Then
impersonateValidUser = True
End If
End If
End If
End If
If Not tokenDuplicate.Equals(IntPtr.Zero) Then
CloseHandle(tokenDuplicate)
End If
If Not token.Equals(IntPtr.Zero) Then
CloseHandle(token)
End If
End Function
Private Sub undoImpersonation()
impersonationContext.Undo()
End Sub
Protected Sub btnRunTest_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnRunTest.Click
If impersonateValidUser("myUserName", "myDomain", "myPassword") Then
'Insert your code that runs under the security context of a specific user here.
Trace.Write("impersonation successful!")
lblResult.Text = "success"
undoImpersonation()
Else
'Your impersonation failed. Therefore, include a fail-safe mechanism here.
Trace.Write("impersonation failed!")
lblResult.Text = "fail"
End If
End Sub
End Class
我使用myUserName,myDomain和myPassword替換了真實憑據。
Web服務器是運行IIS 7的Windows 2008服務器。我不是服務器人,所以我不知道在哪里進行故障排除。 問題是代碼還是服務器端?
一如既往,感謝您提前花時間幫忙!
這是我在制作中使用的代碼。
第一堂課,與你的非常相似:
Imports System.Security.Principal
Imports System.Security.Permissions
Imports System.Diagnostics
Imports System.Runtime.InteropServices
Imports System.Security
Public Class LogonAPI
Public Const SECURITY_IMPERSONATION_LEVEL_SecurityAnonymous As Integer = 0
Public Const SECURITY_IMPERSONATION_LEVEL_SecurityIdentification As Integer = 1
Public Const SECURITY_IMPERSONATION_LEVEL_SecurityImpersonation As Integer = 2
Public Const SECURITY_IMPERSONATION_LEVEL_SecurityDelegation As Integer = 3
Public Const LOGON32_PROVIDER_DEFAULT As Integer = 0
Public Const LOGON32_PROVIDER_WINNT35 As Integer = 1
Public Const LOGON32_PROVIDER_WINNT40 As Integer = 2
Public Const LOGON32_PROVIDER_WINNT50 As Integer = 3
Public Const LOGON32_LOGON_INTERACTIVE As Integer = 2
Public Const LOGON32_LOGON_NETWORK As Integer = 3
Public Const LOGON32_LOGON_BATCH As Integer = 4
Public Const LOGON32_LOGON_SERVICE As Integer = 5
Public Const LOGON32_LOGON_UNLOCK As Integer = 7
Public Const LOGON32_LOGON_NETWORK_CLEARTEXT As Integer = 8
Public Const LOGON32_LOGON_NEW_CREDENTIALS As Integer = 9
Public Const ERROR_LOGON_FAILURE As Integer = 1326
<DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function LogonUser(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean
End Function
<DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function RevertToSelf() As Boolean
End Function
<DllImport("kernel32.dll", CharSet:=CharSet.Auto)> _
Public Shared Function CloseHandle(ByVal handle As IntPtr) As Boolean
End Function
<DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function DuplicateToken(ByVal hToken As IntPtr, ByVal impersonationLevel As Integer, ByRef hNewToken As IntPtr) As Integer
End Function
Public Shared Function Login(ByVal Username As String, ByVal Domain As String, ByVal Password As String) As WindowsIdentity
Dim secPerm As New SecurityPermission(SecurityPermissionFlag.UnmanagedCode)
secPerm.Assert()
Dim user As WindowsIdentity = Nothing
Dim refToken As IntPtr = IntPtr.Zero
Dim loggedIn As Boolean
loggedIn = LogonAPI.LogonUser(Username, Domain, Password, LogonAPI.LOGON32_LOGON_NETWORK_CLEARTEXT, LogonAPI.LOGON32_PROVIDER_DEFAULT, refToken)
If loggedIn = True Then
user = New WindowsIdentity(refToken, "NTLM", WindowsAccountType.Normal, True)
End If
CodeAccessPermission.RevertAssert()
Return user
End Function
End Class
我通過調用來測試它:
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
Dim ident As WindowsIdentity = LogonAPI.Login("user", "Domain", "password")
Dim imp = ident.Impersonate()
'impersonation code
Response.Write("Impersonating")
imp.Undo()
End Sub
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.