.NET中通过域验证用户名和密码

类代码:

复制代码
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Runtime.InteropServices;   //必要引用
using System.Security.Principal;    //必要引用
/**//// <summary>
/// UserLoginForDomain 的摘要说明
/// 适用ASP.NET 2.0 
/// Windows XP 调试成功
/// 调用”advapi32.dll“win32 API
/// </summary>


public class UserLoginForDomain
{
    
public UserLoginForDomain()
    
{
        
//
        
// TODO: 在此处添加构造函数逻辑
        
//
    }


    
【用户登录域】方法#region【用户登录域】方法

    
public const int LOGON32_LOGON_INTERACTIVE = 2;
    
public const int LOGON32_PROVIDER_DEFAULT = 0;

    WindowsImpersonationContext impersonationContext;

    [DllImport(
"advapi32.dll", CharSet = CharSet.Auto)]
    
public static extern int LogonUser(String lpszUserName,
                                      String lpszDomain,
                                      String lpszPassword,
                                      
int dwLogonType,
                                      
int dwLogonProvider,
                                      
ref IntPtr phToken);
    [DllImport(
"advapi32.dll", CharSet = System.Runtime.InteropServices.CharSet.Auto, SetLastError = true)]
    
public extern static int DuplicateToken(IntPtr hToken,
                                      
int impersonationLevel,
                                      
ref IntPtr hNewToken);
    
/**//// <summary>
    
/// 输入用户名、密码、登录域判断是否成功
    
/// </summary>
    
/// <example>
    
/// if (impersonateValidUser(UserName, Domain, Password)){}
    
/// </example>
    
/// <param name="userName">账户名称,如:string UserName = UserNameTextBox.Text;</param>
    
/// <param name="domain">要登录的域,如:string Domain   = DomainTextBox.Text;</param>
    
/// <param name="password">账户密码, 如:string Password = PasswordTextBox.Text;</param>
    
/// <returns>成功返回true,否则返回false</returns>

    public bool impersonateValidUser(String userName, String domain, String password)
    
{
        WindowsIdentity tempWindowsIdentity;
        IntPtr token 
= IntPtr.Zero;
        IntPtr tokenDuplicate 
= IntPtr.Zero;

        
if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
        LOGON32_PROVIDER_DEFAULT, 
ref token) != 0)
        
{
            
if (DuplicateToken(token, 2ref tokenDuplicate) != 0)
            
{
                tempWindowsIdentity 
= new WindowsIdentity(tokenDuplicate);
                impersonationContext 
= tempWindowsIdentity.Impersonate();
                
if (impersonationContext != null)
                    
return true;
                
else
                    
return false;
            }

            
else
                
return false;
        }

        
else
            
return false;
    }


    
public void undoImpersonation()
    
{
        impersonationContext.Undo();
    }

    
#endregion
    
复制代码


前台事例:

    【用户登录域】示例#region【用户登录域】示例
    
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default6.aspx.cs" Inherits="Default6" %>
    
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    
<html xmlns="http://www.w3.org/1999/xhtml" >
    
<head id="Head1" runat="server">
    
<title>ASP.NET模拟登录验证</title>
    
</head>
    
<body>
    
<form id="form1" runat="server">
    
<div>
        账户:
<asp:TextBox ID="UserNameTextBox" runat="server"></asp:TextBox><br />
        密码:
<asp:TextBox ID="PasswordTextBox" runat="server"></asp:TextBox><br />
        域名:
<asp:TextBox ID="DomainTextBox" runat="server"></asp:TextBox><br />
        
<asp:Button ID="OKButton" runat="server" OnClick="OKButton_Click" Text="Button" /></div>
    
</form>
    
</body>
    
</html>
    
=========================================================================
    
protected void OKButton_Click(object sender, EventArgs e)
    
{
        
string UserName = UserNameTextBox.Text;
        
string Domain = DomainTextBox.Text;
        
string Password = PasswordTextBox.Text;
        UserLoginForDomain CheckUserLogin 
= new UserLoginForDomain();

        
if (CheckUserLogin.impersonateValidUser(UserName, Domain, Password))
            Response.Write(UserNameTextBox.Text 
+ " is OK");
        
else
            Response.Write(UserNameTextBox.Text 
+ " is Error");

    }

    
#endregion

 

http://www.cnblogs.com/Hdsome/archive/2010/12/08/1227575.html

posted @ 2013-05-04 20:47  y0umer  阅读(414)  评论(0编辑  收藏  举报