2

当我像这样使用 WindowsIdentity Impersonation 时:

 WindowsIdentity newId = null;
        WindowsImpersonationContext impersonatedUser = null;

                 Console.WriteLine("Name of the identity BEFORE impersonation: "
   + WindowsIdentity.GetCurrent().Name + ".");
                newId = new WindowsIdentity(_impersonationToken);
                impersonatedUser = newId.Impersonate();
                Console.WriteLine("Name of the identity AFTER impersonation: "
    + WindowsIdentity.GetCurrent().Name + ".");

(它被用来将文件从我的计算机复制到 winCE 机器。)

之前的名称和之后的名称保持相同。当我在模拟后查看@ newId 令牌时,它与我用来模拟的令牌不同。我模拟的令牌与我登录的用户肯定不是同一个用户。

有人对它为什么不想使用我的令牌有任何建议吗?(哦,是的,昨天它就像一个魅力:s)

这就是我生成令牌的方式:

[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
        public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
            int dwLogonType, int dwLogonProvider, ref IntPtr phToken);


LogonUser(Username, IPMachine, Password,
                            LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT,
                            ref _token);

它给出了一个成功的布尔值,所以我认为我的令牌没有问题

4

3 回答 3

2

这是另一个很好的例子,你可以试试

于 2011-04-28T09:38:54.233 回答
0

你如何生成你的_impersonationToken?

CodeProject有一个很好的关于模拟的解决方案。看看这可能会给你一些新的想法。

于 2011-04-28T09:25:27.927 回答
0

我得到这个工作:

/// <summary>
/// Summary description for Impersonate
/// </summary>
public class Impersonate
{
    #region "Class Members"
    public const int LOGON32_LOGON_INTERACTIVE = 2;
    public const int LOGON32_PROVIDER_DEFAULT = 0;
    WindowsImpersonationContext _impersonationContext;
    #endregion

    #region "Class Properties"
    private string domainName { get; set; }
    private string userName { get; set; }
    private string userPassword { get; set; }
    #endregion

    public Impersonate(string domainName, string userName, string userPassword)
    {
        this.domainName = domainName;
        this.userName = userName;
        this.userPassword = userPassword;
    }

    #region "Impersonation Code"
    [DllImport("advapi32.dll")]
    public static extern int LogonUserA(String lpszUserName,
        String lpszDomain,
        String lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern int DuplicateToken(IntPtr hToken,
        int impersonationLevel,
        ref IntPtr hNewToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool RevertToSelf();

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);

    [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
    public bool ImpersonateValidUser()
    {
        var token = IntPtr.Zero;
        var tokenDuplicate = IntPtr.Zero;

        if (RevertToSelf())
        {
            if (LogonUserA(this.userName, this.domainName, this.userPassword, LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT, ref token) != 0)
            {
                if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
                {
                    var tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                    _impersonationContext = tempWindowsIdentity.Impersonate();

                    if (_impersonationContext != null)
                    {
                        CloseHandle(token);
                        CloseHandle(tokenDuplicate);

                        return true;
                    }
                }
            }
        }
        if (token != IntPtr.Zero)
            CloseHandle(token);

        if (tokenDuplicate != IntPtr.Zero)
            CloseHandle(tokenDuplicate);

        return false;
    }

    public void UndoImpersonation()
    {
        _impersonationContext.Undo();
    }
    #endregion
}

你可以这样称呼它:

            var impessonate = new Impersonate(".", "User", "Psw");

            if (impessonate.ImpersonateValidUser())
            {
                // do stuff
                impessonate.UndoImpersonation();
            }
于 2019-03-16T16:44:27.190 回答