Warning: file_get_contents(/data/phpspider/zhask/data//catemap/7/sql-server/22.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Sql server &引用;冒充;用户未传播到SQL Server 2000_Sql Server_Winforms_Security_Impersonation - Fatal编程技术网
Fatal编程技术网
  • sql-server/
  • Sql server &引用;冒充;用户未传播到SQL Server 2000

Sql server &引用;冒充;用户未传播到SQL Server 2000

sql-server winforms security

Sql server &引用;冒充;用户未传播到SQL Server 2000,sql-server,winforms,security,impersonation,Sql Server,Winforms,Security,Impersonation,我需要“模拟”VB.NET 2008 WinForms应用程序中的用户,以便该应用程序可以接受PC上任何用户的Active Directory登录,而不管谁实际登录到Windows。我希望应用程序的My.User是登录到应用程序的人的广告帐户。我使用以下代码成功地完成了此操作: Private Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As

我需要“模拟”VB.NET 2008 WinForms应用程序中的用户,以便该应用程序可以接受PC上任何用户的Active Directory登录,而不管谁实际登录到Windows。我希望应用程序的My.User是登录到应用程序的人的广告帐户。我使用以下代码成功地完成了此操作:

Private Declare Auto Function LogonUser Lib "advapi32.dll" (ByVal lpszUsername As String, ByVal lpszDomain As String, _
                                                            ByVal lpszPassword As String, ByVal dwLogonType As Integer, _
                                                            ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean

Const LOGON32_LOGON_INTERACTIVE As Long = 2
Const LOGON32_LOGON_NETWORK As Long = 3

Const LOGON32_PROVIDER_DEFAULT As Long = 0
Const LOGON32_PROVIDER_WINNT35 As Long = 1
Const LOGON32_PROVIDER_WINNT40 As Long = 2
Const LOGON32_PROVIDER_WINNT50 As Long = 3


' Influenced from the example at http://aspalliance.com/39
Public Shared Function Login(ByVal uid As String, ByVal pwd As String) As Boolean

    ' Get the user's domain name.
    Dim domainName As String = My.User.Name.Substring(0, My.User.Name.IndexOf("\"))

    ' This token is returned by the LogonUser API call (variable is passed ByRef).
    Dim token As IntPtr

    If LogonUser(uid, domainName, pwd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, token) Then

        ' Added this line per response to this question:
        WindowsIdentity.Impersonate(token)

        ' If the login succeeds, then impersonate that user by changing CurrentPrincipal.
        Dim wi As New Principal.WindowsIdentity(token)
        Dim wp As New Principal.WindowsPrincipal(wi)

        My.User.CurrentPrincipal = wp
        Return True

    Else
        Return False
    End If

End Function
但是,该应用程序使用一个.DLL和连接到SQLServer2000的数据访问层。在WinForms应用程序代码和.DLL应用程序代码中单步执行代码时,SQL Server似乎正在接收登录到Windows的帐户的登录名,而不是返回My.User.CurrentPrincipal.Identity的帐户

WinForms应用程序和.DLL代码都正确地将My.User.CurrentPrincipal.Identity识别为登录到应用程序而不是Windows的帐户。它只是没有传播到SQL Server。存储过程在T-SQL中将SUSER_SNAME()写入表的列,这就证明了这一点

有人能看出我做错了什么吗

编辑:我已按说明添加了行
WindowsIdentity.Impersonate(令牌)
,但现在当my.DLL尝试创建SQL Server连接时,它抛出以下错误:

用户“NT授权\匿名登录”登录失败

您需要拨打:

我在上面添加了一行,但是我得到了一个异常抛出,正如我在上面编辑的问题中所说的。所以这意味着现在你真的在模仿。您需要找出为什么数据库没有对模拟用户进行身份验证。您很可能模拟了数据库不信任的域中的用户(可能是本地用户?),您是否解决了此问题? 
If LogonUser(...) Then             
   WindowsIdentity.Impersonate(token)