在ASP.NET应用程序中使用身份模拟(Impersonation) ASP.netASP.net应用服务器VB.NET
<identity impersonate="true" />
<identity impersonate="true" userName="accountname" password="password" />
Dim impersonationContext As System.Security.Principal.WindowsImpersonationContextDim currentWindowsIdentity As System.Security.Principal.WindowsIdentitycurrentWindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)impersonationContext = currentWindowsIdentity.Impersonate()'Insert your code that runs under the security context of the authenticating user here.impersonationContext.Undo()
System.Security.Principal.WindowsImpersonationContext impersonationContext;impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();//Insert your code that runs under the security context of the authenticating user here.impersonationContext.Undo();
<%@ Page Language="VB" %><%@ Import Namespace = "System.Web" %><%@ Import Namespace = "System.Web.Security" %><%@ Import Namespace = "System.Security.Principal" %><%@ Import Namespace = "System.Runtime.InteropServices" %><script runat=server>Dim LOGON32_LOGON_INTERACTIVE As Integer = 2Dim LOGON32_PROVIDER_DEFAULT As Integer = 0Dim impersonationContext As WindowsImpersonationContextDeclare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, _ByVal lpszDomain As String, _ByVal lpszPassword As String, _ByVal dwLogonType As Integer, _ByVal dwLogonProvider As Integer, _ByRef phToken As IntPtr) As IntegerDeclare Auto Function DuplicateToken Lib "advapi32.dll"(ByVal ExistingTokenHandle As IntPtr, _ImpersonationLevel As Integer, _ByRef DuplicateTokenHandle As IntPtr) As IntegerPublic Sub Page_Load(s As Object, e As EventArgs)If impersonateValidUser("username", "domain", "password") Then'Insert your code that runs under the security context of a specific user here.undoImpersonation()Else'Your impersonation failed. Therefore, include a fail-safe mechanism here.End IfEnd SubPrivate Function impersonateValidUser(userName As String, _domain As String, password As String) As BooleanDim tempWindowsIdentity As WindowsIdentityDim token As IntPtrDim tokenDuplicate As IntPtrIf LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE, _LOGON32_PROVIDER_DEFAULT, token) <> 0 ThenIf DuplicateToken(token, 2, tokenDuplicate) <> 0 ThentempWindowsIdentity = new WindowsIdentity(tokenDuplicate)impersonationContext = tempWindowsIdentity.Impersonate()If impersonationContext Is Nothing ThenimpersonateValidUser = FalseElseimpersonateValidUser = TrueEnd IfElseimpersonateValidUser = FalseEnd IfElseimpersonateValidUser = FalseEnd IfEnd FunctionPrivate Sub undoImpersonation()impersonationContext.Undo()End Sub</script>
<%@ Page Language="C#"%><%@ Import Namespace = "System.Web" %><%@ Import Namespace = "System.Web.Security" %><%@ Import Namespace = "System.Security.Principal" %><%@ Import Namespace = "System.Runtime.InteropServices" %><script runat=server>public const int LOGON32_LOGON_INTERACTIVE = 2;public const int LOGON32_PROVIDER_DEFAULT = 0;WindowsImpersonationContext impersonationContext;[DllImport("advapi32.dll", CharSet=CharSet.Auto)]public static extern int LogonUser(String lpszUserName,String lpszDomain,String lpszPassword,int dwLogonType,int dwLogonProvider,ref IntPtr phToken);[DllImport("advapi32.dll", CharSet=System.Runtime.InteropServices.CharSet.Auto, SetLastError=true)]public extern static int DuplicateToken(IntPtr hToken,int impersonationLevel,ref IntPtr hNewToken);public void Page_Load(Object s, EventArgs e){if(impersonateValidUser("username", "domain", "password")){//Insert your code that runs under the security context of a specific user here.undoImpersonation();}else{//Your impersonation failed. Therefore, include a fail-safe mechanism here.}}private bool impersonateValidUser(String userName, String domain, String password){WindowsIdentity tempWindowsIdentity;IntPtr token = IntPtr.Zero;IntPtr tokenDuplicate = IntPtr.Zero;if(LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,LOGON32_PROVIDER_DEFAULT, ref token) != 0){if(DuplicateToken(token, 2, ref tokenDuplicate) != 0){tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);impersonationContext = tempWindowsIdentity.Impersonate();if (impersonationContext != null)return true;elsereturn false;}elsereturn false;}elsereturn false;}private void undoImpersonation(){impersonationContext.Undo();}</script>
bool a = File.Exists("D:\\Share\\test.txt");
<identity impersonate="true" userName="FileExist" password="password" />