using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.InteropServices;
using System.Security.Principal;

namespace TY.Framework
{

    
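/// <summary>
    /// Runs a section of code under another Windows account by logging that account on
    /// and impersonating it on the calling thread.
    /// </summary>
    /// <remarks>
    /// Impersonation applies to the thread that called <see cref="BeginImpersonate"/>. Call
    /// <see cref="StopImpersonate"/> (or <see cref="Dispose"/>) on that same thread from a
    /// finally block, so that an exception cannot leave the thread running as the other account.
    /// The password is kept as a managed string for the lifetime of the instance: keep instances
    /// short-lived, and supply credentials from a protected store rather than from source code.
    /// </remarks>
    /// <example><![CDATA[
    ///     IdentityImpersonation identityImpersonation = new IdentityImpersonation(userName, password, hostName);
    ///     if (identityImpersonation.BeginImpersonate())
    ///     {
    ///         try
    ///         {
    ///             // work that needs the other account
    ///         }
    ///         finally
    ///         {
    ///             identityImpersonation.StopImpersonate();   // always revert
    ///         }
    ///     }
    /// ]]></example>
    public class IdentityImpersonation : IDisposable
    {
        // Values passed to LogonUser / DuplicateToken.
        // NOTE(review): the published listing had these arguments fused together ("20ref", "2ref");
        // they are restored here as 2, 0 and 2 -- confirm against the original project.
        private const int Logon32LogonInteractive = 2;   // LOGON32_LOGON_INTERACTIVE
        private const int Logon32ProviderDefault = 0;    // LOGON32_PROVIDER_DEFAULT
        private const int SecurityImpersonation = 2;     // SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation

        // CharSet.Unicode binds to LogonUserW so that non-ASCII account names and passwords
        // are not converted through the ANSI code page on their way to the API.
        [DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
        public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);

        [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int SECURITY_IMPERSONATION_LEVEL, ref IntPtr DuplicateTokenHandle);

        // Deliberately declared without SetLastError: closing handles during cleanup must not
        // overwrite the error code recorded by a failed LogonUser/DuplicateToken call.
        [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
        public extern static bool CloseHandle(IntPtr handle);

        // User name, password and domain (or machine name) of the account to impersonate.
        private String _sImperUsername;
        private String _sImperPassword;
        private String _sImperDomain;

        // Context returned by WindowsIdentity.Impersonate(); used to revert the thread.
        private WindowsImpersonationContext _imperContext;

        // Token returned by LogonUser and its impersonation-level duplicate.
        private IntPtr _adminToken;
        private IntPtr _dupeToken;

        // True while no impersonation started by this instance is active.
        private Boolean _bClosed;

        /// <summary>
        /// Stores the credentials to use; no logon is attempted until <see cref="BeginImpersonate"/>.
        /// </summary>
        /// <param name="impersonationUsername">User name of the account to impersonate.</param>
        /// <param name="impersonationPassword">Password of the account to impersonate.</param>
        /// <param name="impersonationDomain">Domain (or machine name) the account belongs to.</param>
        public IdentityImpersonation(String impersonationUsername, String impersonationPassword, String impersonationDomain)
        {
            _sImperUsername = impersonationUsername;
            _sImperPassword = impersonationPassword;
            _sImperDomain = impersonationDomain;

            _adminToken = IntPtr.Zero;
            _dupeToken = IntPtr.Zero;
            _bClosed = true;
        }

        /// <summary>
        /// Finalizer: releases the native token handles if the caller never stopped impersonation.
        /// </summary>
        ~IdentityImpersonation()
        {
            // The finalizer runs on the finalizer thread, so it cannot revert the thread that is
            // impersonating, and _imperContext may already have been finalized. Only the raw
            // handles are released here; reverting is the caller's job via StopImpersonate/Dispose.
            ReleaseTokens();
        }

        /// <summary>
        /// Logs the configured account on and starts impersonating it on the calling thread.
        /// </summary>
        /// <returns>
        /// <c>true</c> when impersonation is active; <c>false</c> when LogonUser or DuplicateToken
        /// failed (the Win32 error is available through <see cref="Marshal.GetLastWin32Error"/>).
        /// </returns>
        public Boolean BeginImpersonate()
        {
            if (!_bClosed)
            {
                // Already impersonating: logging on again would leak both handles and
                // overwrite the context needed to revert the first impersonation.
                return true;
            }

            if (!LogonUser(_sImperUsername, _sImperDomain, _sImperPassword, Logon32LogonInteractive, Logon32ProviderDefault, ref _adminToken))
            {
                return false;
            }

            if (!DuplicateToken(_adminToken, SecurityImpersonation, ref _dupeToken))
            {
                // Do not keep a logged-on token around after a failed attempt.
                ReleaseTokens();
                return false;
            }

            try
            {
                WindowsIdentity fakeId = new WindowsIdentity(_dupeToken);
                _imperContext = fakeId.Impersonate();
            }
            catch
            {
                ReleaseTokens();
                throw;
            }

            _bClosed = false;
            return true;
        }

        /// <summary>
        /// Reverts the calling thread to its previous identity and closes the token handles.
        /// Safe to call when impersonation was never started and safe to call more than once.
        /// </summary>
        public void StopImpersonate()
        {
            WindowsImpersonationContext context = _imperContext;
            _imperContext = null;

            try
            {
                if (context != null)
                {
                    context.Undo();
                }
            }
            finally
            {
                ReleaseTokens();
                _bClosed = true;
            }
        }

        /// <summary>
        /// Stops impersonation and releases the token handles; allows use in a <c>using</c> block.
        /// </summary>
        public void Dispose()
        {
            StopImpersonate();
            GC.SuppressFinalize(this);
        }

        // Closes each token handle at most once and clears the field so a stale value is never reused.
        private void ReleaseTokens()
        {
            if (_dupeToken != IntPtr.Zero)
            {
                CloseHandle(_dupeToken);
                _dupeToken = IntPtr.Zero;
            }

            if (_adminToken != IntPtr.Zero)
            {
                CloseHandle(_adminToken);
                _adminToken = IntPtr.Zero;
            }
        }
    }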
}