希望在这里得到一些帮助。
我正在使用模拟登录共享文件夹,一切都在本地运行(WIN8)。它在Win2K8 IIS7服务器上不起作用。
以下代码用于模拟:
public sealed class WrappedImpersonation
{
public enum LogonType : int
{
Interactive = 2,
Network = 3,
Batch = 4,
Service = 5,
Unlock = 7,
NetworkClearText = 8,
NewCredentials = 9
}
public enum LogonProvider : int
{
Default = 0, // LOGON32_PROVIDER_DEFAULT
WinNT35 = 1,
WinNT40 = 2, // Use the NTLM logon provider.
WinNT50 = 3 // Use the negotiate logon provider.
}
public enum ImpersonationLevel
{
SecurityAnonymous = 0,
SecurityIdentification = 1,
SecurityImpersonation = 2,
SecurityDelegation = 3
}
[DllImport("advapi32.dll", EntryPoint = "LogonUserW", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain,
String lpszPassword, LogonType dwLogonType, LogonProvider dwLogonProvider, ref IntPtr phToken);
[DllImport("kernel32.dll")]
public extern static bool CloseHandle(IntPtr handle);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern int DuplicateToken(IntPtr hToken, int impersonationLevel, ref IntPtr hNewToken);
[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern bool RevertToSelf();
private string _domain, _password, _username;
private IntPtr _token;
private WindowsImpersonationContext _context;
private IntPtr _duplicateToken;
private bool IsInContext
{
get { return _context != null; }
}
public WrappedImpersonation(string domain, string username, string password)
{
_domain = String.IsNullOrEmpty(domain) ? "." : domain;
_username = username;
_password = password;
_token = IntPtr.Zero;
}
// Changes the Windows identity of this thread. Make sure to always call Leave() at the end.
[PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
public void Enter()
{
if (IsInContext)
return;
_token = IntPtr.Zero;
bool logonSuccessfull = LogonUser(_username, _domain, _password, LogonType.NewCredentials, LogonProvider.WinNT50, ref _token);
if (!logonSuccessfull)
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
DuplicateToken(_token, (int)ImpersonationLevel.SecurityImpersonation, ref _duplicateToken);
WindowsIdentity identity = new WindowsIdentity(_duplicateToken);
_context = identity.Impersonate();
Debug.WriteLine(WindowsIdentity.GetCurrent().Name);
}
[PermissionSetAttribute(SecurityAction.Demand, Name = "FullTrust")]
public void Leave()
{
if (!IsInContext)
return;
_context.Undo();
if (_token != IntPtr.Zero)
{
CloseHandle(_token);
}
_context = null;
}
用法:
var impersonationContext = new WrappedImpersonation(_url, _login, _password);
impersonationContext.Enter();
List<string> files = Directory.GetFiles(_dataSet.TransferMethod.URL).ToList();
impersonationContext.Leave();
服务器设置: 本地安全政策 - &gt;本地政策 - &gt;用户权利分配 - &gt;身份验证后模拟客户端:我的AppPool身份是否需要添加到此处?
启动了次要登录服务。
服务器上的错误代码:System.UnauthorizedAccessException:拒绝访问路径'\ MyServer \ MySharedFolder'。
我已经尝试过WNetAddConnection2方法,但如果你想在共享之间切换这些方法是不够的,因为这会在一段时间后阻塞。
应用程序:MVC.NET .NET版本:4.5
有没有人让它在Win2K8 IIS7机器上运行?