很好用的.NET中通过域验证用户名和密码
2011-06-13 10:24
274 查看
很好用的.NET中通过域验证用户名和密码
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Runtime.InteropServices; //必要引用
using System.Security.Principal; //必要引用
/**//// <summary>
/// UserLoginForDomain 的摘要说明
/// 适用ASP.NET 2.0
/// Windows XP 调试成功
/// 调用”advapi32.dll“win32 API
/// </summary>
public class UserLoginForDomain
{
public UserLoginForDomain()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
【用户登录域】方法#region【用户登录域】方法
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;
WindowsImpersonationContext impersonationContext;
[DllImport("advapi32.dll", CharSet = CharSet.Auto)]
public static extern int LogonUser(String lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet = System.Runtime.InteropServices.CharSet.Auto, SetLastError = true)]
public extern static int DuplicateToken(IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken);
/**//// <summary>
/// 输入用户名、密码、登录域判断是否成功
/// </summary>
/// <example>
/// if (impersonateValidUser(UserName, Domain, Password)){}
/// </example>
/// <param name="userName">账户名称,如:string UserName = UserNameTextBox.Text;</param>
/// <param name="domain">要登录的域,如:string Domain = DomainTextBox.Text;</param>
/// <param name="password">账户密码, 如:string Password = PasswordTextBox.Text;</param>
/// <returns>成功返回true,否则返回false</returns>
public bool impersonateValidUser(String userName, String domain, String password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
{
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
if (impersonationContext != null)
return true;
else
return false;
}
else
return false;
}
else
return false;
}
public void undoImpersonation()
{
impersonationContext.Undo();
}
#endregion
前台事件代码:
【用户登录域】示例#region【用户登录域】示例
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default6.aspx.cs" Inherits="Default6" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>ASP.NET模拟登录验证</title>
</head>
<body>
<form id="form1" runat="server">
<div>
账户:<asp:TextBox ID="UserNameTextBox" runat="server"></asp:TextBox><br />
密码:<asp:TextBox ID="PasswordTextBox" runat="server"></asp:TextBox><br />
域名:<asp:TextBox ID="DomainTextBox" runat="server"></asp:TextBox><br />
<asp:Button ID="OKButton" runat="server" OnClick="OKButton_Click" Text="Button" /></div>
</form>
</body>
</html>
=================================================
protected void OKButton_Click(object sender, EventArgs e)
{
string UserName = UserNameTextBox.Text;
string Domain = DomainTextBox.Text;
string Password = PasswordTextBox.Text;
UserLoginForDomain CheckUserLogin = new UserLoginForDomain();
if (CheckUserLogin.impersonateValidUser(UserName, Domain, Password))
Response.Write(UserNameTextBox.Text + " is OK");
else
Response.Write(UserNameTextBox.Text + " is Error");
}
#endregion
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Runtime.InteropServices; //必要引用
using System.Security.Principal; //必要引用
/**//// <summary>
/// UserLoginForDomain 的摘要说明
/// 适用ASP.NET 2.0
/// Windows XP 调试成功
/// 调用”advapi32.dll“win32 API
/// </summary>
public class UserLoginForDomain
{
public UserLoginForDomain()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
【用户登录域】方法#region【用户登录域】方法
public const int LOGON32_LOGON_INTERACTIVE = 2;
public const int LOGON32_PROVIDER_DEFAULT = 0;
WindowsImpersonationContext impersonationContext;
[DllImport("advapi32.dll", CharSet = CharSet.Auto)]
public static extern int LogonUser(String lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet = System.Runtime.InteropServices.CharSet.Auto, SetLastError = true)]
public extern static int DuplicateToken(IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken);
/**//// <summary>
/// 输入用户名、密码、登录域判断是否成功
/// </summary>
/// <example>
/// if (impersonateValidUser(UserName, Domain, Password)){}
/// </example>
/// <param name="userName">账户名称,如:string UserName = UserNameTextBox.Text;</param>
/// <param name="domain">要登录的域,如:string Domain = DomainTextBox.Text;</param>
/// <param name="password">账户密码, 如:string Password = PasswordTextBox.Text;</param>
/// <returns>成功返回true,否则返回false</returns>
public bool impersonateValidUser(String userName, String domain, String password)
{
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;
if (LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token) != 0)
{
if (DuplicateToken(token, 2, ref tokenDuplicate) != 0)
{
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
if (impersonationContext != null)
return true;
else
return false;
}
else
return false;
}
else
return false;
}
public void undoImpersonation()
{
impersonationContext.Undo();
}
#endregion
前台事件代码:
【用户登录域】示例#region【用户登录域】示例
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default6.aspx.cs" Inherits="Default6" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
<title>ASP.NET模拟登录验证</title>
</head>
<body>
<form id="form1" runat="server">
<div>
账户:<asp:TextBox ID="UserNameTextBox" runat="server"></asp:TextBox><br />
密码:<asp:TextBox ID="PasswordTextBox" runat="server"></asp:TextBox><br />
域名:<asp:TextBox ID="DomainTextBox" runat="server"></asp:TextBox><br />
<asp:Button ID="OKButton" runat="server" OnClick="OKButton_Click" Text="Button" /></div>
</form>
</body>
</html>
=================================================
protected void OKButton_Click(object sender, EventArgs e)
{
string UserName = UserNameTextBox.Text;
string Domain = DomainTextBox.Text;
string Password = PasswordTextBox.Text;
UserLoginForDomain CheckUserLogin = new UserLoginForDomain();
if (CheckUserLogin.impersonateValidUser(UserName, Domain, Password))
Response.Write(UserNameTextBox.Text + " is OK");
else
Response.Write(UserNameTextBox.Text + " is Error");
}
#endregion
相关文章推荐
- .NET中通过域验证用户名和密码
- CAS SSO研究二:cas_server通过查询数据库验证用户名、密码正确性
- csrf攻击过程 csrf攻击说明 1.用户C打开浏览器,访问受信任网站A,输入用户名和密码请求登录网站A; 2.在用户信息通过验证后,网站A产生Cookie信息并返回给浏览器,此时用户登录网站
- CXF 通过用户名和密码进行验证
- java通过url调用远程接口返回json数据,有用户名和密码验证
- Qt5.9Creator登录界面函数总结(通过连接远程服务器数据库MySql5.7.17进行登录用户名和密码验证)
- SharePoint Host Header输入用户名密码无法通过验证的解决办法
- SSO单点登录 cas_server通过查询数据库验证用户名、密码正确性
- 为什么每个请求都要有用户名密码呢,那不是每次都要查询一下了,token,表示这个用户已经验证通过了,在token有效期内,只需要判断token是否有效就可以了
- 通过CouchDB-Python连接带有用户名/密码验证的数据库
- 用户密码通过MD5加密后,如何验证呢?
- LDAP验证用户名和密码
- WCF 安全之自定义的用户名/密码身份验证
- IIS 访问需要用户名和密码 (需要进行身份验证)
- JS的常用正则表达式 验证密码用户名等
- LNMP下为Nginx目录设置访问验证的用户名密码
- JSP 连接远程 LDAP 实现用户名和密码验证
- sql server 2008 windows验证改混合登陆中SqlServer身份验证用户名密码
- 用户名和密码正则验证。
- php 登录时用户名与密码验证器