ASP.NET aspx页面代码在禁用模拟的情况下以模拟方式运行
我在VS2005中创建了一个空白的测试应用程序作为ASP.NET应用程序。那 默认情况下,ASP.NET不使用模拟,并且您的代码使用ASP.NET应用程序的进程标识运行 我有下面的web.configASP.NET aspx页面代码在禁用模拟的情况下以模拟方式运行,asp.net,authentication,impersonation,Asp.net,Authentication,Impersonation,我在VS2005中创建了一个空白的测试应用程序作为ASP.NET应用程序。那 默认情况下,ASP.NET不使用模拟,并且您的代码使用ASP.NET应用程序的进程标识运行 我有下面的web.config <configuration> <appSettings/> <connectionStrings/> <system.web> <!-- Set compilation d
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" defaultLanguage="c#" />
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows"/>
<identity impersonate="false"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
</configuration>
重新加载页面时,我会得到以下调试输出:
[5288]在1之前:现任校长=
域\用户
[5288]之后:当前Princupal=
域\用户
输出与输出相同
<identity impersonate="false"/>
我不确定这有什么意义,但无论如何。我现在在sharepoint shared services管理用户配置文件权限方面遇到问题,但这是另一个问题。似乎有些奇怪,需要尝试以下几点:
- 在监视窗口中调试类型$user中的断点时,将显示进程和线程标识
- 您使用的模拟不正确,请尝试以下代码:
// Declare the logon types as constants const long LOGON32_LOGON_INTERACTIVE = 2; const long LOGON32_LOGON_NETWORK = 3; // Declare the logon providers as constants const long LOGON32_PROVIDER_DEFAULT = 0; const long LOGON32_PROVIDER_WINNT50 = 3; const long LOGON32_PROVIDER_WINNT40 = 2; const long LOGON32_PROVIDER_WINNT35 = 1; [DllImport("advapi32.dll", EntryPoint = "LogonUser")] private static extern bool LogonUser( string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken); public static WindowsImpersonationContext ImpersonateCurrentUserBegin(System.Net.NetworkCredential credential) { WindowsImpersonationContext impersonationContext = null; if (credential == null || credential.UserName.Length == 0 || credential.Password.Length == 0 || credential.Domain.Length == 0) { throw new Exception("Incomplete user credentials specified"); } impersonationContext = Security.Impersonate(credential); if (impersonationContext == null) { return null; } else { return impersonationContext; } } public static void ImpersonateCurrentUserEnd(WindowsImpersonationContext impersonationContext) { if (impersonationContext != null) { impersonationContext.Undo(); } }
您所在的active directory是否有一些奇怪的本地策略?我想我理解您的问题所在 在进一步行动之前需要知道的事情
System.Security.Principal.WindowsIdentity.GetCurrent().Name
,以及您上面提到的System.Threading.Thread.CurrentPrincipal.Identity.Name
System.Threading.Thread.CurrentPrincipal.Identity
始终由HttpContext.Current.User.Identity
提供说到你的观点。如果要修改
System.Threading.Thread.CurrentPrincipal.Identity
,请修改最初由身份验证机制提供的HttpContext.Current.User.Identity
。与Thread.CurrentPrincipal.Identity.Name的结果相同,无论是否允许匿名访问,情况都是一样的。我不知道域策略,必须尝试在另一个域中执行。感谢您提供有关$user的提示。对于$user,它表明(我现在拥有)一切都是我所期望的。WindowsIdentity.Impersonate(IntPtr.Zero)之前有模拟用户的令牌,之后没有令牌,并且进程处于网络服务下,但System.Threading.Thread.CurrentPrincipal.Identity.Name和HttpContext.Current.user.Identity.Name仍然为我提供模拟用户。
Thread.CurrentPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
HttpContext.Current.User = Thread.CurrentPrincipal;
// Declare the logon types as constants
const long LOGON32_LOGON_INTERACTIVE = 2;
const long LOGON32_LOGON_NETWORK = 3;
// Declare the logon providers as constants
const long LOGON32_PROVIDER_DEFAULT = 0;
const long LOGON32_PROVIDER_WINNT50 = 3;
const long LOGON32_PROVIDER_WINNT40 = 2;
const long LOGON32_PROVIDER_WINNT35 = 1;
[DllImport("advapi32.dll", EntryPoint = "LogonUser")]
private static extern bool LogonUser(
string lpszUsername,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
public static WindowsImpersonationContext ImpersonateCurrentUserBegin(System.Net.NetworkCredential credential)
{
WindowsImpersonationContext impersonationContext = null;
if (credential == null || credential.UserName.Length == 0 || credential.Password.Length == 0 || credential.Domain.Length == 0)
{
throw new Exception("Incomplete user credentials specified");
}
impersonationContext = Security.Impersonate(credential);
if (impersonationContext == null)
{
return null;
}
else
{
return impersonationContext;
}
}
public static void ImpersonateCurrentUserEnd(WindowsImpersonationContext impersonationContext)
{
if (impersonationContext != null)
{
impersonationContext.Undo();
}
}