Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <%@ Page language="VJ#" %>
- <%@ Import Namespace="System.Web" %>
- <%@ Import Namespace="System.Web.Security" %>
- <%@ Import Namespace="System.Security.Principal" %>
- <%@ Import Namespace="System.Runtime.InteropServices" %>
- <script runat=server>
- public static int LOGON32_LOGON_INTERACTIVE = 2;
- public static int LOGON32_PROVIDER_DEFAULT = 0;
- WindowsImpersonationContext impersonationContext;
- /** @attribute DllImport("advapi32.dll") */
- public static native int LogonUserA(String lpszUserName,
- String lpszDomain,
- String lpszPassword,
- int dwLogonType,
- int dwLogonProvider,
- System.IntPtr[] phToken);
- /** @attribute DllImport("advapi32.dll",
- CharSet=CharSet.Auto, SetLastError=true) */
- public static native int DuplicateToken(System.IntPtr hToken,
- int impersonationLevel,
- System.IntPtr[] hNewToken);
- /** @attribute DllImport("kernel32.dll",CharSet=CharSet.Auto) */
- public static native boolean CloseHandle(System.IntPtr[] handle);
- /** @attribute DllImport("advapi32.dll",
- CharSet=CharSet.Auto,SetLastError=true) */
- public static native boolean RevertToSelf();
- public void Page_Load(Object s, System.EventArgs e)
- {
- if(impersonateValidUser("username", "domain", " password"))
- {
- //Insert your code that runs under the security context of a specific user here.
- undoImpersonation();
- }
- else
- {
- //Your impersonation failed. Therefore, include a fail-safe mechanism here.
- }
- }
- private boolean impersonateValidUser(String userName, String domain, String password)
- {
- WindowsIdentity tempWindowsIdentity;
- System.IntPtr[] token = new System.IntPtr[1];
- System.IntPtr[] tokenDuplicate = new System.IntPtr[1];
- if(RevertToSelf())
- {
- if(LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
- LOGON32_PROVIDER_DEFAULT, token) != 0)
- {
- if(DuplicateToken(token[0], 2, tokenDuplicate) != 0)
- {
- tempWindowsIdentity = new WindowsIdentity(tokenDuplicate[0]);
- impersonationContext = tempWindowsIdentity.Impersonate();
- if (impersonationContext != null)
- {
- CloseHandle(tokenDuplicate);
- CloseHandle(token);
- return true;
- }
- }
- }
- }
- if(!token[0].Equals(System.IntPtr.Zero))
- CloseHandle(token);
- if(!tokenDuplicate[0].Equals(System.IntPtr.Zero))
- CloseHandle(tokenDuplicate);
- return false;
- }
- private void undoImpersonation()
- {
- impersonationContext.Undo();
- }
Add Comment
Please, Sign In to add comment