1. 首頁
  2. 問答
  3. 表單身份驗證和冒充

表單身份驗證和冒充

2012-07-18 104 views
0

我試圖在我的應用程序中實現表單身份驗證。同時,我想模仿使用高級預防性帳戶,在oredr中訪問服務器的文件。我寫了下面的代碼:表單身份驗證和冒充

<system.web> 
    <compilation debug="true" targetFramework="4.0" /> 
    <authentication mode="Forms"> 
    <forms loginUrl="Login.aspx" timeout="30" defaultUrl="HomePage.aspx"   
    cookieless="AutoDetect"> 
     <credentials passwordFormat="Clear"> 
     <user name="user1" password="[email protected]"/> 
     <user name="user2" password="[email protected]"/> 
     </credentials> 
    </forms> 
    </authentication> 
    <authorization> 
    <deny users="?"/> 
    </authorization> 
    <identity impersonate="true" userName="domain\abcd" password="aaaa"/> 
    </system.web>

看來,模擬不起作用。我們不能使用表單身份驗證模擬嗎?

來源

2012-07-18 techmad

+0

是的,你可以使用模擬與FormsAuthentication。你究竟想要做什麼不工作? – 2012-07-18 12:45:46

回答

-1

使用表單驗證以下內容:

<forms loginUrl="Login.aspx" defaultUrl="HomePage.aspx" protection="Validation" timeout="30"/>

來源

2012-07-18 14:06:37 Subhankar

0

扮演類:

using System; 
using System.Collections.Generic; 
using System.Linq; 
using System.Web.Security; 
using System.Security.Principal; 
using System.Runtime.InteropServices; 
using System.IO; 
using System.Text; 

using System.Web; 

namespace [YourProgramName] //You must change it 
{ 
    public class Impersonate 
    { 

     [DllImport("advapi32.dll", SetLastError = true)] 
     private static extern int LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, 
              int dwLogonType, int dwLogonProvider, out int phToken); 

     [DllImport("kernel32.dll")] 
     private static extern int FormatMessage(int dwFlags, string lpSource, int dwMessageId, int dwLanguageId, 
               StringBuilder lpBuffer, int nSize, string[] Arguments); 


     private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8; 
     private const int LOGON32_PROVIDER_DEFAULT = 0; 
     private const int FORMAT_MESSAGE_FROM_SYSTEM = 0x1000; 

     private static WindowsImpersonationContext winImpersonationContext = null; 

     public static void ImpersonateUser(string domain, string userName, string password) 
     { 

      //Benutzer einloggen 
      int userToken = 0; 

      bool loggedOn = (LogonUser(userName, domain, password, LOGON32_LOGON_NETWORK_CLEARTEXT, 
             LOGON32_PROVIDER_DEFAULT, out userToken) != 0); 

      if (loggedOn == false) 
      { 
       int apiError = Marshal.GetLastWin32Error(); 
       StringBuilder errorMessage = new StringBuilder(1024); 
       FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, null, apiError, 0, errorMessage, 1024, null); 
       throw new Exception(errorMessage.ToString()); 
      } 

      WindowsIdentity identity = new WindowsIdentity((IntPtr)userToken); 
      winImpersonationContext = identity.Impersonate(); 

     } 

     public static void UndoImpersonation() 
     { 
      if (winImpersonationContext != null) 
      { 
       winImpersonationContext.Undo(); 
      } 
     } 

    } 
}

用它在你的程序:

Impersonate.ImpersonateUser("Domain", "Username", "UserPassword"); 

        //Your Code as the new User 

       Impersonate.UndoImpersonation();

來源

2012-07-24 07:56:02 Tarasov

相關問題

 相關問題