asp.net中用户验证同步AD域
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Principal;
using System.Runtime.InteropServices;
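public partial class windwos : System.Web.UI.Page
{
    /// <summary>
    /// Reads txtUser, txtPassword and txtDomain from the posted form and, when all three
    /// are non-empty, checks them against the domain and writes " OK" or "Error".
    /// </summary>
    /// <remarks>
    /// NOTE(review): this handler accepts domain credentials from any caller. Nothing visible
    /// here throttles or records failed attempts, and each failure is a failed domain logon
    /// that counts toward the account-lockout policy. Serve the page over HTTPS only, and put
    /// rate limiting and audit logging in front of it before exposing it.
    /// </remarks>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Request.Form returns null for a field that was not posted; treat that as empty.
        string txtUser = Request.Form["txtUser"] ?? "";
        string txtPassword = Request.Form["txtPassword"] ?? "";
        string txtDomain = Request.Form["txtDomain"] ?? "";

        // First GET of the page, or an incomplete post: nothing to check.
        if (txtUser == "" || txtPassword == "" || txtDomain == "")
        {
            return;
        }

        UserLoginForDomain CheckUserLogin = new UserLoginForDomain();
        bool loggedOn = CheckUserLogin.impersonateValidUser(txtUser, txtDomain, txtPassword);
        if (loggedOn)
        {
            // Only the yes/no answer is needed. impersonateValidUser leaves the request
            // thread running as the submitted account, so revert before doing anything
            // else; otherwise the rest of the request executes under that identity.
            CheckUserLogin.undoImpersonation();
        }

        Response.Write(loggedOn ? " OK" : "Error");
    }

    /// <summary>
    /// Thin wrapper over the Win32 LogonUser / DuplicateToken calls that logs an account on
    /// and impersonates it on the calling thread.
    /// </summary>
    public class UserLoginForDomain
    {
        public UserLoginForDomain()
        {
            // TODO: add constructor logic here
        }

        // ---- Domain logon ----

        // Logon type and provider passed to LogonUser.
        // NOTE(review): a caller that only validates credentials is usually better served by
        // a network logon (LOGON32_LOGON_NETWORK = 3); the interactive type is kept here
        // because changing it alters which accounts are allowed to log on.
        public const int LOGON32_LOGON_INTERACTIVE = 2;
        public const int LOGON32_PROVIDER_DEFAULT = 0;

        // SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, passed to DuplicateToken.
        private const int SecurityImpersonation = 2;

        // Context returned by the last successful Impersonate(); null when not impersonating.
        WindowsImpersonationContext impersonationContext;

        [DllImport("advapi32.dll", CharSet = CharSet.Auto)]
        public static extern int LogonUser(String lpszUserName,
                                           String lpszDomain,
                                           String lpszPassword,
                                           int dwLogonType,
                                           int dwLogonProvider,
                                           ref IntPtr phToken);

        [DllImport("advapi32.dll", CharSet = System.Runtime.InteropServices.CharSet.Auto, SetLastError = true)]
        public extern static int DuplicateToken(IntPtr hToken,
                                                int impersonationLevel,
                                                ref IntPtr hNewToken);

        // Releases the raw token handles returned by LogonUser and DuplicateToken.
        [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
        private static extern bool CloseHandle(IntPtr handle);

        /// <summary>
        /// Logs the given account on to the domain and, on success, impersonates it on the
        /// current thread. Call <see cref="undoImpersonation"/> to revert.
        /// </summary>
        /// <example>
        /// if (impersonateValidUser(UserName, Domain, Password)){}
        /// </example>
        /// <param name="userName">Account name.</param>
        /// <param name="domain">Domain to log on to.</param>
        /// <param name="password">Account password.</param>
        /// <returns>true when logon and impersonation succeeded; otherwise false.</returns>
        public bool impersonateValidUser(String userName, String domain, String password)
        {
            IntPtr token = IntPtr.Zero;
            IntPtr tokenDuplicate = IntPtr.Zero;
            try
            {
                if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
                              LOGON32_PROVIDER_DEFAULT, ref token) == 0)
                {
                    return false;
                }

                if (DuplicateToken(token, SecurityImpersonation, ref tokenDuplicate) == 0)
                {
                    return false;
                }

                WindowsIdentity tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
                impersonationContext = tempWindowsIdentity.Impersonate();
                return impersonationContext != null;
            }
            finally
            {
                // WindowsIdentity keeps its own duplicate of the token, so both raw handles
                // are released on every path. Without this each call leaks two logon-token
                // handles in the worker process.
                if (token != IntPtr.Zero)
                {
                    CloseHandle(token);
                }
                if (tokenDuplicate != IntPtr.Zero)
                {
                    CloseHandle(tokenDuplicate);
                }
            }
        }

        /// <summary>
        /// Reverts the thread to the identity it had before impersonateValidUser succeeded.
        /// Does nothing when no impersonation is active.
        /// </summary>
        public void undoImpersonation()
        {
            if (impersonationContext == null)
            {
                return;
            }

            impersonationContext.Undo();
            impersonationContext = null;
        }
    }
}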
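<%@ Page Language="C#" AutoEventWireup="true" CodeFile="windwos.aspx.cs" Inherits="windwos" %>
<%-- This form posts a domain user name and password to windwos.aspx. Serve it over HTTPS only.
     The password box is type="password" so the value is masked on screen, and autocomplete is
     turned off so the browser is asked not to store it. --%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title> 无标题页</title>
</head>
<body>
<form action="windwos.aspx" method="post">
用户名:<input runat="server" id="txtUser" name="txtUser" /><br />
密码:<input runat="server" type="password" autocomplete="off" id="txtPassword" name="txtPassword" /><br />
域:<input runat="server" id="txtDomain" name="txtDomain" /><br />
<input type="submit" value="提交 " />
</form>
</body>
</html>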