Impersonation?
- From: Tom Jackson
- Date: Tue, 18 Nov 2008 18:42:47 -0800
I realize this thread is over a year old, but I'll answer, anyway....
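Sounds like you're trying to impersonate the user. This should get you started. Once you have the user impersonated, you can use CredentialCache.DefaultCredentials to do whatever you need the user to do (e.g. access a file via a Stream). One caveat: the sample below logs on with LOGON32_LOGON_NETWORK, and LogonUser does not cache credentials for that logon type, so the impersonated identity is suited to resources on the local machine; calls that must authenticate to another server as that user generally need a different logon type or delegation.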
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Windows.Forms;
using System.Security.Principal;
using System.Runtime.InteropServices;
using WUApiLib;
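/// <summary>
/// Demo page: validates a DOMAIN\user + password pair with the Win32
/// LogonUser API and briefly impersonates that account on the request thread.
/// </summary>
/// <remarks>
/// The password is read from a form field and held in a managed string for the
/// duration of the call. txtUserID and txtPassword are not declared in this
/// listing; presumably they come from the designer half of this partial class.
/// </remarks>
public partial class _Default : System.Web.UI.Page
{
    /// <summary>Page load handler; intentionally empty.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Win32 LogonUser: attempts to log the given account on and, on success,
    /// stores an access-token handle in <paramref name="phToken"/>.
    /// </summary>
    /// <returns>true on success; on failure read Marshal.GetLastWin32Error().</returns>
    // SetLastError = true is required for Marshal.GetLastWin32Error() to return
    // the error from this call rather than a stale value. CharSet.Unicode binds
    // to the wide-character export so non-ANSI characters in the user name or
    // password are not altered by an ANSI conversion.
    [DllImport("advapi32.dll", EntryPoint = "LogonUser", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(
        string lpszUsername,
        string lpszDomain,
        string lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);

    /// <summary>Win32 CloseHandle: releases a handle such as the token from LogonUser.</summary>
    // CloseHandle is exported by kernel32.dll, not advapi32.dll; importing it
    // from advapi32.dll fails at call time and the token handle is never freed.
    [DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
    public static extern bool CloseHandle(IntPtr hObject);

    // Declare the logon types as constants
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int LOGON32_LOGON_NETWORK = 3;

    // Declare the logon providers as constants
    const int LOGON32_PROVIDER_DEFAULT = 0;
    const int LOGON32_PROVIDER_WINNT50 = 3;
    const int LOGON32_PROVIDER_WINNT40 = 2;
    const int LOGON32_PROVIDER_WINNT35 = 1;

    /// <summary>
    /// Logs on the account typed into the form and runs a short section of
    /// code under that account's identity, then reverts.
    /// </summary>
    /// <param name="sender">Control that raised the click event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    // NOTE(review): MessageBox.Show opens its dialog on the machine running the
    // site, not in the visitor's browser, so these calls are only usable in an
    // interactive development host. In a deployed page, write the diagnostics to
    // a server-side log and show the visitor a generic "logon failed" message;
    // the raw Win32 error code can reveal account state (locked out, expired).
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        IntPtr tokenHandle = IntPtr.Zero;

        // Get the domain and user name. The input must be exactly DOMAIN\user;
        // without this check a value with no backslash indexes past the array.
        string userId = txtUserID.Text;
        string[] arUser = userId.Split(new char[] { '\\' });
        if (arUser.Length != 2 || arUser[0].Length == 0 || arUser[1].Length == 0)
        {
            MessageBox.Show("Enter the account as DOMAIN\\user.");
            return;
        }

        string domainName = arUser[0];
        string userName = arUser[1];
        string password = txtPassword.Text;

        // Call LogonUser to obtain a handle to an access token
        bool returnValue = LogonUser(userName, domainName, password,
            LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_WINNT50, ref tokenHandle);

        // Capture the error code before any other call can overwrite it.
        int ret = returnValue ? 0 : Marshal.GetLastWin32Error();

        try
        {
            if (!returnValue)
            {
                MessageBox.Show("LogonUser failed with error code : " + ret.ToString());
            }

            MessageBox.Show("Did LogonUser Succeed? " + returnValue.ToString());
            MessageBox.Show("Value of Windows NT token: " + tokenHandle.ToString());

            if (!returnValue)
            {
                return;
            }

            //Impersonation
            MessageBox.Show("Before impersonation: " +
                WindowsIdentity.GetCurrent().Name);

            using (WindowsIdentity newId = new WindowsIdentity(tokenHandle))
            {
                WindowsImpersonationContext impersonatedUser = newId.Impersonate();
                try
                {
                    MessageBox.Show("After impersonation: " +
                        WindowsIdentity.GetCurrent().Name);

                    // Do your magic here...
                }
                finally
                {
                    // Always revert. If the work above throws and Undo() is
                    // skipped, the thread keeps running as the impersonated
                    // user, and later work on that thread inherits the identity.
                    impersonatedUser.Undo();
                }
            }
        }
        finally
        {
            // Free the token on every path, including exceptions.
            if (tokenHandle != IntPtr.Zero)
            {
                CloseHandle(tokenHandle);
            }
        }
    }
}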
That should get you started...
-Tom