我需要訪問只有給定的域帳戶才能訪問的網絡資源。 我正在使用LogonUser調用,但得到「用戶沒有必需的特權」異常,因爲Web應用程序正在使用asp.net帳戶運行,並且它沒有足夠的權限來進行此調用。需要模擬用戶訪問網絡資源,Asp.Net帳戶
有沒有辦法避開它? 更改ASP.Net帳戶的身份或權限不是一種選擇,因爲這是一個運行許多項目的生產計算機。 有沒有更好的方法來實現這一目標?
使用Asp.Net 2.0,表單身份驗證。
親切的問候。
只要調用LogonUser是不夠的。您需要模擬該用戶。您只能模擬對網絡資源的訪問。
示例代碼可在MSDN上找到。
你可以一個
<identity impersonate="true" userName=""/>
標籤添加到您的web.config但你可能不希望運行的整個網站爲用戶可能不會很理想......
燦您將網絡共享映射爲本地驅動器與DomainName &密碼...然後通過映射的驅動器將文件拖到網站上?
NET USE Z: \\SERVER\Share password /USER:DOMAIN\Username /PERSISTENT:YES
我只有這種親密體驗下1.1,這樣的事情可能會在2.0天甲肝改變,但是...... 我們已經得到了被部署在Intranet方案的應用,我們罷工一樣。我們運行身份模擬打開,窗體模式身份驗證,匿名訪問關閉。控制這個(我發現)的最簡單方法是將有權訪問的用戶的憑據放在web.config中。他們繼續轉換身份模擬的節點。如果是超級恐怖信息,我不會這樣做!我們只在打印環境中訪問共享圖形,因此大多數網站都很樂意爲我們設置一個有限帳戶,以便將其放入web.confit。 LogonUser確實需要提升privelidges。 Msdn有一些關於如何在代碼中模擬特定用戶的好文章。我會找出一些鏈接,但這款手機不會複製粘貼。
您可以更改保護網絡資源的ACL嗎?我過去使用的一個技巧是創建一個Active Directory組,然後將計算機對象放入該組中。然後,我使用該組的訪問控制列表中的對象(文件,共享等),我需要訪問。
這使我可以將Windows服務作爲本地系統運行,並獲得對受保護網絡資源的訪問權限。這個技巧似乎也適用於作爲網絡服務運行的ASP.NET進程。
進口系統 進口System.ComponentModel 進口System.Web.UI程序 進口System.Web.UI.WebControls 進口System.IO 進口有System.IO.File 進口System.Diagnostics程序 導入系統。 Xml.Serialization 進口Microsoft.SharePoint程序 進口Microsoft.SharePoint.Utilities 進口Microsoft.SharePoint.WebPartPages 進口Microsoft.SharePoint.WebControls 進口Microsoft.SharePoint.Administration 進口SYSTE m.Security.Principal 進口System.Security.Permissions 進口System.Runtime.InteropServices 進口統環境 進口的System.Net.Sockets 進口System.Web.UI.HtmlControls
公共類Impersonalizacion 私人常量LOGON32_PROVIDER_DEFAULT爲整數= 0 私人CONST LOGON32_LOGON_INTERACTIVE爲整數= 2
<DllImport("advapi32.dll", SetLastError:=True)> _
Public Shared Function LogonUser(ByVal lpszUsername As String, ByVal lpszDomain As String, ByVal lpszPassword As String, ByVal dwLogonType As Integer, ByVal dwLogonProvider As Integer, ByRef phToken As IntPtr) As Boolean
End Function
<DllImport("advapi32.dll", EntryPoint:="DuplicateToken", ExactSpelling:=False, CharSet:=CharSet.Auto, SetLastError:=True)> _
Public Shared Function DuplicateToken(ByVal ExistingTokenHandle As IntPtr, ByVal ImpersonationLevel As Integer, ByRef DuplicateTokenHandle As IntPtr) As Integer
End Function
Public Shared Function WinLogOn(ByVal strUsuario As String, ByVal strClave As String, ByVal strDominio As String) As WindowsImpersonationContext
Dim tokenDuplicate As New IntPtr(0)
Dim tokenHandle As New IntPtr(0)
If LogonUser(strUsuario, strDominio, strClave, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, tokenHandle) Then
If DuplicateToken(tokenHandle, 2, tokenDuplicate) <> 0 Then
Return (New WindowsIdentity(tokenDuplicate)).Impersonate()
End If
End If
Return Nothing
End Function
末級 「的WebPart1描述。 「),XmlRoot(名字空間:=」 SPSCopiarFichero「)> _ 公共類WebPart1 繼承Microsoft.SharePoint.WebPartPages.WebPart
Protected WithEvents File1 As HtmlInputFile
Dim vdestino As String = "\\centappd20nd01\uploads_avisos"
Dim vtemporal As String = "c:\pdf"
Protected WithEvents boton1 As Button
Protected WithEvents usuario As TextBox
Protected WithEvents contra As TextBox
Protected WithEvents dominio As TextBox
Protected WithEvents destino As TextBox
Protected WithEvents origen As TextBox
Protected WithEvents temporal As TextBox
Protected WithEvents log As TextBox
'Render this Web Part to the output parameter specified.
Protected Overrides Sub RenderWebPart(ByVal output As System.Web.UI.HtmlTextWriter)
log.RenderControl(output)
output.Write("<br><font>Ruta Origen</font><br>")
File1.RenderControl(output)
output.Write("<br><font>Ruta Temporal </font><br>")
temporal.RenderControl(output)
output.Write("<br><font>Ruta Destino </font><br>")
destino.RenderControl(output)
output.Write("<br><font>Usuario </font><br>")
usuario.RenderControl(output)
output.Write("<br><font>Contraseña </font><br>")
contra.RenderControl(output)
output.Write("<br><font>Dominio </font><br>")
dominio.RenderControl(output)
output.Write("<br><br><center>")
boton1.RenderControl(output)
output.Write("</center>")
End Sub
Protected Overrides Sub CreateChildControls()
dominio = New TextBox
With dominio
.Text = "admon-cfnavarra"
.Width = Unit.Pixel("255")
End With
Controls.Add(dominio)
boton1 = New Button
With boton1
.Text = "Copiar Fichero"
End With
Controls.Add(boton1)
File1 = New HtmlInputFile
With File1
End With
Controls.Add(File1)
usuario = New TextBox
With usuario
.Text = "SVCWSINCPre_SNS"
.Width = Unit.Pixel("255")
End With
Controls.Add(usuario)
contra = New TextBox
With contra
.Text = "SVCWSINCPre_SNS"
.Width = Unit.Pixel("255")
End With
Controls.Add(contra)
destino = New TextBox
With destino
.Text = vdestino
.Width = Unit.Pixel("255")
End With
Controls.Add(destino)
log = New TextBox
With log
.Width = Unit.Percentage(100)
.BackColor = System.Drawing.Color.Black
.ForeColor = System.Drawing.Color.White
End With
Controls.Add(log)
temporal = New TextBox
With temporal
.Text = vtemporal
.Width = Unit.Pixel("255")
End With
Controls.Add(temporal)
End Sub
Private Sub boton1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles boton1.Click
If File1.PostedFile.FileName <> "" Then
Dim _objContext As WindowsImpersonationContext = Nothing
log.Text = QuienSoy()
CopyFile(File1.PostedFile.FileName, temporal.Text)
_objContext = Impersonalizacion.WinLogOn(usuario.Text, contra.Text, dominio.Text)
CopyFile(temporal.Text & "\" & System.IO.Path.GetFileName(File1.PostedFile.FileName), destino.Text)
_objContext.Undo()
Else
log.Text = "Se debe introducir un fichero"
End If
End Sub
Friend Shared Function QuienSoy() As String
Return WindowsIdentity.GetCurrent().Name
End Function
Public Function CopyFile(ByVal StartPath As String, ByVal EndPath As String)
Try
Dim fn As String = System.IO.Path.GetFileName(StartPath)
System.IO.File.Copy(StartPath, EndPath & "\" & fn, False)
log.Text = "Fichero Copiado Correctamente"
Catch ex As Exception
log.Text = ex.Message
End Try
End Function
末級