Friday, 15 August 2014

.net - Impersonation using ASP.NET Membership Provider -


Because of the nature of a custom subscription / role provider, the project will require administrators to enter it as users , While assisted with inquiries from them.

Now, it is easy to re-enter the administrator with the selected membership account, though this means that the administrator will be effectively logged out. I allow the administrator to impersonate a user in a way, yet I can easily switch back to my account at any time.

Any suggestions?

This should be something you want to do

The domain account you want You can call the ImpersonateValidUser method with the username and password. And then reverse it at logout.

You should be able to bend it to work with your custom subscription provider.

  // Cloning Personal Windows Impression Contains Constraints for Impersonation Consultants; Public entrant LOGON32_LOGON_INTERACTIVE = 2; Public ent LOGON32_PROVIDER_DEFAULT = 0; /// & lt; Summary & gt; /// Changes the account that we are running /// & lt; / Summary & gt; /// & lt; Param name = "user name" & gt; The username of the local administrator account & lt; / Param & gt; /// & lt; Param name = "domain" & gt; The user name domain & lt; / Param & gt; /// & lt; Param name = "password" & gt; Password for a local administrator account & lt; / Param & gt; /// & lt; Returns & gt; & Lt; / Returns & gt; Private Boole ImpersonateValidUser (String Username, String Domain, String Password) {WindowsIdentity tempWindowsIdentity; IntPtr Tokens = IntPtr.Zero; IntPtr Token Duplicate = IntPtr.Zero; If (RevertToSelf ()) {if LogonUserA (username, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref Token)! = 0) {if (DuplicateToken (token, 2, refreshken to duplicate)! = 0) {tempWindowsIdentity = New WindowsIdentity (TokenDuplicate); CloningContents = tempWindowsIdentity.Impersonate (); If (Impersonation! = Null) {CloseHandle (token); CloseHandle (tokenDuplicate); Back true; }}}} If (token! = IntPtr.Zero) CloseHandle (token); If (token duplicate! = IntPtr.Zero) CloseHandle (token duplicate); return false; } /// & lt; Summary & gt; /// Cancel cloning and revent /// default account thread. Generally the domain \ NETWORK_SERVICE or similar. /// & lt; / Summary & gt; Private Zero UndoImpersonation () {impersonationContext.Undo (); }  

No comments:

Post a Comment