检查管理员

时间:2009-11-18 18:43:35

标签: c# asp.net visual-studio-2008 login

我开发了一个Web应用程序,只有具有管理员角色的用户才能访问它,而没有其他人...

我无法确定用户是否是管理员////

我的登录页面代码是

public partial class LoginPage : System.Web.UI.Page
{
    public const int LOGON32_LOGON_INTERACTIVE = 2;
    public const int LOGON32_PROVIDER_DEFAULT = 0;

    //WindowsImpersonationContext impersonationContext;

    [DllImport("advapi32.dll")]
    public static extern int LogonUserA(String lpszUserName,
        String lpszDomain,
        String lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);
    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern int DuplicateToken(IntPtr hToken,
        int impersonationLevel,
        ref IntPtr hNewToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool RevertToSelf();

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);

    protected void LoginButton_Click(object sender, EventArgs e)
    {

        IntPtr token = IntPtr.Zero;
        IntPtr tokenDuplicate = IntPtr.Zero;

        if(LogonUserA(UserName.Text, Domain.Text, Password.Text, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref token) != 0)
            {
                System.Security.Principal.WindowsIdentity wi = System.Security.Principal.WindowsIdentity.GetCurrent();
                System.Security.Principal.WindowsPrincipal wp = new System.Security.Principal.WindowsPrincipal(wi);
                if (wp.IsInRole("Administrators"))
            {
                BadCredentials.Visible = false;
                Session["userName"] = UserName.Text;
                Session["password"] = Password.Text;
                Session["domain"] = Domain.Text;
                FormsAuthentication.RedirectFromLoginPage(UserName.Text, false);
            }
            else
            {
                BadCredentials.Visible = true;
                Label1.Text = wp.Identity.ToString();
                Label2.Text = wi.Name.ToString();
                Label3.Text = "not Admin";
            }

            }
        else
        {
            BadCredentials.Visible = true;
            Label4.Text = "not valid user";
        }

当我输入管理员和密码时

在这里,Label2.text给了我

  

XYZCOMP \ IUSR_XYZCOMP

并没有进入下一页......

任何帮助请...谢谢

我正在使用表单身份验证

>  <authentication mode="Forms"> <forms
> name="AuthCookie"
> LoginUrl="Login.aspx" timeout = "60"
> /> </authentication> <authorization>
> <deny users="?" /> 
>  <allow users="*" />
> </authorization>

2 个答案:

答案 0 :(得分:0)

我认为你的问题就在这一行:

wi = System.Security.Principal.WindowsIdentity.GetCurrent();

尝试将其更改为

wi = (WindowsIdentity)HttpContext.Current.User.Identity;

答案 1 :(得分:0)

如果您使用Windows身份验证访问该网站,则只需使用web.config来限制谁有权访问该网站:

    <authentication mode="Windows"/>
    <authorization>
        <allow role="DOMAIN\Administrator"/>
        <deny users="*"/>
    </authorization>

这就是你想要的吗?