我正在尝试在运行连接到API之前模拟其他用户。我的代码在windows xp上工作正常,但是1个用户收到了Windows 7机器,代码不再有效。没有错误,防御似乎有效,但无论我尝试什么,使用当前用户的上下文调用服务。我试过拒绝UAC,但仍然没有。如果我运行AS我可以让整个应用程序作为其他用户运行,但这不是我想要做的。有谁知道什么可能导致冒充停止在机器上工作?
CODE:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.Windows.Forms;
using System.Security.Permissions;
//This class is based on the code from here: http://msdn.microsoft.com/en- us/library/chf6fbt4.aspx
//And here: http://msdn.microsoft.com/en-us/library/system.security.principal.windowsidentity.aspx
public class Impersonator
{
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
private static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
private static WindowsImpersonationContext impersonationContext;
//For reference, not used yet.
//Ex: (int)Logontype.Interactive
enum LogonType
{
Interactive = 2,
Network = 3,
Batch = 4,
Service = 5,
Unlock = 7,
NetworkClearText = 8,
NewCredentials = 9
}
//For reference, not used yet
enum LogonProvider
{
Default = 0,
WinNT35 = 1,
WinNT40 = 2,
}
// If you incorporate this code into a DLL, be sure to demand FullTrust.
[PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
public static void Impersonate(string user, string domain, string password)
{
try
{
//Impersonate a Windows User
SafeTokenHandle safeTokenHandle = default(SafeTokenHandle);
const int LOGON32_PROVIDER_DEFAULT = 0;
//This parameter causes LogonUser to create a primary token.
//const int LOGON32_LOGON_INTERACTIVE = 2; //Orig
const int LOGON32_LOGON_INTERACTIVE = 2; //2,9,7
// Call LogonUser to obtain a handle to an access token.
bool returnValue = LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out safeTokenHandle);
WindowsIdentity windowsIdentity = new WindowsIdentity (safeTokenHandle.DangerousGetHandle());
impersonationContext = windowsIdentity.Impersonate();
//WindowsIdentity.Impersonate(safeTokenHandle.DangerousGetHandle());
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
public static void StopImpersonating()
{
try
{
// Stop impersonating the user.
impersonationContext.Undo();
// Check the identity name.
Console.Write("Name of the identity after performing an Undo on the");
Console.WriteLine(" impersonation: " + WindowsIdentity.GetCurrent().Name);
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
}
}
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.Win32.SafeHandles;
using System.Runtime.InteropServices;
using System.Security;
using System.Runtime.ConstrainedExecution;
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle()
: base(true)
{
}
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{
return CloseHandle(handle);
}
}