如何扮演另一个帐号(C#实现)

王朝c#·作者佚名 2008-05-19

宽屏版字体: 小|中|大|超大

如何扮演另一个帐号(C#实现)

using directives#region Using directives

using System;

using System.Security.Principal;

using System.Runtime.InteropServices;

using System.Text.RegularExpressions;

#endregion

namespace Impersonal

{

class Program

{

测试代码#region 测试代码

public static void Main(string[] args)

{

Console.WriteLine("当前用户是: "

+ WindowsIdentity.GetCurrent().Name);

ImpersonatedWork testDel = new ImpersonatedWork(Test);

ImpersonateAndDo("epro\\liping", "88888888", testDel);

Console.WriteLine("当前用户是: "

+ WindowsIdentity.GetCurrent().Name);

}

static void Test()

{

Console.WriteLine("当前用户是: "

+ WindowsIdentity.GetCurrent().Name);

}

#endregion

[DllImport("advapi32.dll", SetLastError = true)]

public extern static bool LogonUser(String lpszUsername, String lpszDomain,

String lpszPassword, int dwLogonType,

int dwLogonProvider, ref IntPtr phToken);

[DllImport("kernel32.dll", CharSet = CharSet.Auto)]

public extern static bool CloseHandle(IntPtr handle);

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]

public extern static bool DuplicateToken(IntPtr ExistingTokenHandle,

int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);

public delegate void ImpersonatedWork();

/**//// <summary>

/// 以指定用户的身份去做一件事情

/// </summary>

/// <param name="UserName"></param>

/// <param name="PWD"></param>

/// <param name="WhatToDo"></param>

public static void ImpersonateAndDo(string UserName, string PWD, ImpersonatedWork WhatToDo)

{

扮演用户#region 扮演用户

string domainName = string.Empty;

string userName = string.Empty;

IntPtr tokenHandle = new IntPtr(0);

IntPtr dupeTokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;

const int LOGON32_LOGON_INTERACTIVE = 2;

const int SecurityImpersonation = 2;

if (! Regex.IsMatch(UserName, @"^\w+[\\]?\w+$"))

{

throw new ApplicationException("非法的用户名");

}

string[] tmp = UserName.Split(new char[] { '\\' });

if (tmp.Length > 1)

{

domainName = tmp[0];

userName = tmp[1];

}

else

{

userName = tmp[0];

}

tokenHandle = IntPtr.Zero;

dupeTokenHandle = IntPtr.Zero;

bool returnValue = LogonUser(userName,domainName, PWD,

LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,

ref tokenHandle);

if (!returnValue)

{

throw new ApplicationException("取Handle出错了!");

}

//Console.WriteLine("当前用户是: "

// + WindowsIdentity.GetCurrent().Name);

bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref dupeTokenHandle);

if (!retVal)

{

CloseHandle(tokenHandle);

throw new ApplicationException("复制Handle出错了!");

}

WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);

WindowsImpersonationContext impersonatedUser = newId.Impersonate();

#endregion

以新用户身份调用#region 以新用户身份调用

WhatToDo();

#endregion

取消扮演#region 取消扮演

impersonatedUser.Undo();

if (tokenHandle != IntPtr.Zero)

CloseHandle(tokenHandle);

if (dupeTokenHandle != IntPtr.Zero)

CloseHandle(dupeTokenHandle);

#endregion

}