【问题标题】:Dynamic impersonation in asp.netasp.net 中的动态模拟
【发布时间】:2012-02-19 17:46:59
【问题描述】:

有没有办法在 asp.net 中动态模拟用户?我需要在每个请求的上下文中进行模拟,因为每次模拟的用户可能都不同。这就是我不能使用 web.config 的原因,因为它适用于所有请求。

【问题讨论】:

    标签: asp.net security impersonation


    【解决方案1】:

    我不记得我在哪里上过这门课。但这应该对你有好处。

    using System;
    using System.Security.Principal;
    using System.Runtime.InteropServices;
    
    public class Impersonation
        {
            public static int LOGON32_LOGON_INTERACTIVE = 2;
            public static int LOGON32_PROVIDER_DEFAULT = 0;
    
            [DllImport("advapi32.dll")]
            public static extern int LogonUserA(string lpxzUsername, string lpzDomain, string lpzPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
            [DllImport("advapi32.dll")]
            public static extern int DuplicateToken(IntPtr ExistingTokenHandle, int ImpersonationLevel, ref IntPtr DuplicateTokenHandle);
            [DllImport("advapi32.dll")]
            public static extern long RevertToSelf();
    
            [DllImport("Kernel32.dll")]
            public static extern long CloseHandle(IntPtr handle);
    
            public static WindowsImpersonationContext impersonationContext;
    
            public static bool impersonateValidUser(string userName, string domain, string password)
            {
                WindowsIdentity tempWindowsIdentity;
                IntPtr token = IntPtr.Zero;
                IntPtr tokenDuplicate = IntPtr.Zero;
                bool ValidUser = false;
    
                if (RevertToSelf() != 0)
                {
                    if (LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0)
                    {
                        if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
                        {
                            tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                            impersonationContext = tempWindowsIdentity.Impersonate();
                            if (impersonationContext != null)
                            {
                                ValidUser = true;
                            }
                        }
                    }
                }
    
                if (!tokenDuplicate.Equals(IntPtr.Zero))
                {
                    CloseHandle(tokenDuplicate);
                }
                if (!token.Equals(IntPtr.Zero))
                {
                    CloseHandle(token);
                }
                return ValidUser;
    
            }
    
            public static void undoImpersonation()
            {
                try
                {
                    impersonationContext.Undo();
                }
                catch
                {
                }
            }
        }
    

    那你就这样称呼它

    Impersonation.impersonateValidUser("user", "domain", "password");
    

    希望对你有帮助。

    【讨论】:

      猜你喜欢
      • 2011-05-11
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2019-09-09
      • 2011-02-08
      • 2021-05-28
      • 2011-05-11
      相关资源
      最近更新 更多