Impersonation in ASP. NET

Use the Q & A method to quickly obtain key points.

 

How can I check the user permissions on which the current thread is running?

==========================================

 
StringCurrentuser = system. Security. Principal.Windowsidentity. Getcurrent (). Name;
 

 

How to Apply in ASP. NETProgramIs the permission of a user who has been authenticated by IIS used to execute each request?

==========================================

In the Web. config file, make the following changes:

 
<IdentityImpersonate="True"/>
 

 

In an ASP. NET application, how does one specify a user and allow all requests to be executed according to the user's permissions?

==========================================

In the Web. config file, make the following changes:

 
<IdentityImpersonate="True"Username="Accountname"Password="Password"/>
 

 

HowCode?

==========================================

System. Security. Principal.WindowsimpersonationcontextImpersonationcontext; impersonationcontext = (system. Security. Principal.Windowsidentity) User. Identity). Impersonate ();// Insert your code that runs under the security context of the Authenticating user here.Impersonationcontext. Undo ();
 

 

A specific example can be used in Aspx. Of course, it can be used in CS.

 Public const int Logon32_logon_interactive = 2; Public const int Logon32_provider_default = 0; windowsimpersonationcontext impersonationcontext; [dllimport ( "Advapi32.dll" )] Public static extern int Logonusera (String Lpszusername, String Lpszdomain, String Lpszpassword, Int Dwlogontype, Int Dwlogonprovider, Ref  Intptr Phtoken); [dllimport ( "Advapi32.dll" , Charset = charset. Auto, setlasterror = True )] Public static extern int Duplicatetoken ( Intptr Htoken, Int Impersonationlevel, Ref  Intptr Hnewtoken); [dllimport ( "Advapi32.dll" , Charset = charset. Auto, setlasterror = True )] Public static extern bool Reverttoself (); [dllimport ( "Kernel32.dll" , Charset = charset. Auto)] Public static extern bool Closehandle ( Intptr Handle ); Public void Page_load ( Object S, Eventargs E ){ If (Impersonatevaliduser ( "Username" , "Domain" , "Password" )){ // Insert your code that runs under the security context of a specific user here. Undoimpersonation ();} Else { // Your impersonation failed. Therefore, include a fail-safe mechanic here. }} Private bool Impersonatevaliduser ( String Username, String Domain, String Password) {windowsidentity tempwindowsidentity; Intptr Token = Intptr . Zero; Intptr Tokenduplicate = Intptr . Zero; If (Reverttoself ()){ If (Logonusera (username, domain, password, logon32_logon_interactive, logon32_provider_default, Ref Token )! = 0 ){ If (Duplicatetoken (token, 2, Ref Tokenduplicate )! = 0) {tempwindowsidentity = New Windowsidentity (tokenduplicate); impersonationcontext = tempwindowsidentity. Impersonate (); If (Impersonationcontext! = Null ) {Closehandle (token); closehandle (tokenduplicate ); Return true ;}}}} If (Token! = Intptr . Zero) closehandle (token ); If (Tokenduplicate! = Intptr . Zero) closehandle (tokenduplicate ); Return false ;} Private void Undoimpersonation () {impersonationcontext. Undo ();}

 

Source:

How to Implement impersonation in an ASP. NET application

Http://support.microsoft.com/kb/306158