C# WindowsIdentity impersonation does not work correctly

Time: 2011-04-28 09:14:53

Tags: c# wpf windows-identity

When I use WindowsIdentity impersonation like this:

    WindowsIdentity newId = null;
    WindowsImpersonationContext impersonatedUser = null;

    Console.WriteLine("Name of the identity BEFORE impersonation: "
        + WindowsIdentity.GetCurrent().Name + ".");
    newId = new WindowsIdentity(_impersonationToken);
    impersonatedUser = newId.Impersonate();
    Console.WriteLine("Name of the identity AFTER impersonation: "
        + WindowsIdentity.GetCurrent().Name + ".");

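(It is used to copy files from my PC to a WinCE machine.)

The name before and the name after keep returning the same value. When I look at the newId token after impersonating, it is not the same as the one I used to impersonate. The token I impersonate with is definitely not the same user I am logged in as.

Does anyone have any suggestions as to why it does not want to use my token? (Oh yes, yesterday it worked like a charm :s)

This is how I generate my token: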

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
        int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

    LogonUser(Username, IPMachine, Password,
        LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_DEFAULT,
        ref _token);

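It returns a successful bool, so I don't think there is anything wrong with my token.

3 answers:

Answer 0: (score: 2)

Answer 1: (score: 0)

How do you generate _impersonationToken?

There is an excellent solution for impersonation at CodeProject. Taking a look at it may give you some new ideas.

Answer 2: (score: 0)

I have this working: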

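using System;
using System.Runtime.InteropServices;
using System.Security.Permissions;
using System.Security.Principal;

/// <summary>
/// Impersonates a Windows user via LogonUser and DuplicateToken.
/// </summary>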
public class Impersonate
{
    #region "Class Members"
    public const int LOGON32_LOGON_INTERACTIVE = 2;
    public const int LOGON32_PROVIDER_DEFAULT = 0;
    WindowsImpersonationContext _impersonationContext;
    #endregion

    #region "Class Properties"
    private string domainName { get; set; }
    private string userName { get; set; }
    private string userPassword { get; set; }
    #endregion

    public Impersonate(string domainName, string userName, string userPassword)
    {
        this.domainName = domainName;
        this.userName = userName;
        this.userPassword = userPassword;
    }

    #region "Impersonation Code"
    [DllImport("advapi32.dll")]
    public static extern int LogonUserA(String lpszUserName,
        String lpszDomain,
        String lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern int DuplicateToken(IntPtr hToken,
        int impersonationLevel,
        ref IntPtr hNewToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool RevertToSelf();

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);

    [PermissionSet(SecurityAction.Demand, Name = "FullTrust")]
    public bool ImpersonateValidUser()
    {
        var token = IntPtr.Zero;
        var tokenDuplicate = IntPtr.Zero;

        if (RevertToSelf())
        {
            if (LogonUserA(this.userName, this.domainName, this.userPassword, LOGON32_LOGON_INTERACTIVE,
                LOGON32_PROVIDER_DEFAULT, ref token) != 0)
            {
                // Impersonation level 2 = SecurityImpersonation
                if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
                {
                    var tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                    _impersonationContext = tempWindowsIdentity.Impersonate();

                    if (_impersonationContext != null)
                    {
                        CloseHandle(token);
                        CloseHandle(tokenDuplicate);

                        return true;
                    }
                }
            }
        }
        if (token != IntPtr.Zero)
            CloseHandle(token);

        if (tokenDuplicate != IntPtr.Zero)
            CloseHandle(tokenDuplicate);

        return false;
    }

    public void UndoImpersonation()
    {
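        // Nothing to undo if ImpersonateValidUser() was never called or failed.
        if (_impersonationContext != null)
            _impersonationContext.Undo();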
    }
    #endregion
}

You can call it like this:

            var impessonate = new Impersonate(".", "User", "Psw");

            if (impessonate.ImpersonateValidUser())
            {
                // do stuff
                impessonate.UndoImpersonation();
            }
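
Added example, not code from the question or from any answer: a variant of the wrapper above that lets a SafeAccessTokenHandle and WindowsIdentity.RunImpersonated handle cleanup, and prints the current identity under both logon types that appear on this page. Per the LogonUser documentation, LOGON32_LOGON_NEW_CREDENTIALS clones the caller's token and applies the supplied credentials only to outbound network connections, and is supported only by the LOGON32_PROVIDER_WINNT50 provider. It assumes .NET Framework 4.6 or later; `ImpersonationExample`, `RunAs` and the command-line arguments are hypothetical names.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

static class ImpersonationExample
{
    const int LOGON32_LOGON_INTERACTIVE = 2, LOGON32_LOGON_NEW_CREDENTIALS = 9;
    const int LOGON32_PROVIDER_DEFAULT = 0, LOGON32_PROVIDER_WINNT50 = 3;

    // CharSet.Unicode binds to LogonUserW; the SafeHandle owns the token handle.
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword,
        int dwLogonType, int dwLogonProvider, out SafeAccessTokenHandle phToken);

    // Hypothetical helper: runs `action` under the new token, then reverts the
    // thread and closes the handle even if `action` throws.
    public static void RunAs(string user, string domain, string password, int logonType, Action action)
    {
        int provider = logonType == LOGON32_LOGON_NEW_CREDENTIALS
            ? LOGON32_PROVIDER_WINNT50 : LOGON32_PROVIDER_DEFAULT;
        SafeAccessTokenHandle token;
        if (!LogonUser(user, domain, password, logonType, provider, out token))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        using (token)
            WindowsIdentity.RunImpersonated(token, action);
    }

    static void Main(string[] args)
    {
        // Constructed usage: ImpersonationExample.exe <user> <domain-or-host>
        if (args.Length != 2) { Console.Error.WriteLine("usage: <user> <domain-or-host>"); return; }
        Console.Write("Password: ");
        string password = Console.ReadLine(); // kept off the command line
        Console.WriteLine("Before: " + WindowsIdentity.GetCurrent().Name);

        foreach (int logonType in new[] { LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_LOGON_INTERACTIVE })
        {
            try
            {
                // NEW_CREDENTIALS: the local name is unchanged; the credentials are
                // used only for outbound network connections.
                RunAs(args[0], args[1], password, logonType, () =>
                    Console.WriteLine("Type " + logonType + ": " + WindowsIdentity.GetCurrent().Name));
            }
            catch (Win32Exception e) { Console.WriteLine("Type " + logonType + " failed: " + e.Message); }
        }
    }
}
```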