在Asp.net表单身份验证中检测用户域
本文关键字:检测 用户 身份验证 Asp net 表单 | 更新日期: 2023-09-27 18:26:26
客户端基于Form身份验证向Asp.net web应用程序发送请求。如何获取其已登录客户端的active Directory用户名?
客户端和web应用程序都在同一个域中。
在我的intranet应用程序中,我使用这样的东西:
/// <summary>
/// Authenticate the user, with windows auth(and domain)
/// If that fails then authenticate with forms
/// If that fails...well, go to hell
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void loginControl_Authenticate(object sender, AuthenticateEventArgs e) {
//First try the windows login (domain+username / password)
Logging.IntranetLogger.LogIntranetActionInfo(Logging.IntranetLogConst.Logging, Logging.IntranetLogConst.UserTryToLoggIn, loginControl.UserName);
string domainName = GetDomainName(loginControl.UserName); // Extract domain name
//form provide DomainUsername e.g Domainname'Username
string userName = GetUsername(loginControl.UserName); // Extract user name
//from provided DomainUsername e.g Domainname'Username
IntPtr token = IntPtr.Zero;
//userName, domainName and Password parameters are very obvious.
//dwLogonType (3rd parameter):
// I used LOGON32_LOGON_INTERACTIVE, This logon type is
// intended for users who will be interactively using the computer,
// such as a user being logged on by a terminal server, remote shell,
// or similar process.
// This logon type has the additional expense of caching
// logon information for disconnected operations.
// For more details about this parameter please see
// http://msdn.microsoft.com/en-us/library/aa378184(VS.85).aspx
//dwLogonProvider (4th parameter) :
// I used LOGON32_PROVIDER_DEFAUL, This provider use the standard
// logon provider for the system.
// The default security provider is negotiate, unless you pass
// NULL for the domain name and the user name is not in UPN format.
// In this case, the default provider is NTLM. For more details
// about this parameter please see
// http://msdn.microsoft.com/en-us/library/aa378184(VS.85).aspx
//phToken (5th parameter):
// A pointer to a handle variable that receives a handle to a
// token that represents the specified user. We can use this handler
// for impersonation purpose.
//authenticate with the inputed
bool windowsLoginResult = LogonUser(userName, domainName, loginControl.Password, 2, 0, ref token);}
[DllImport("ADVAPI32.dll", EntryPoint = "LogonUserW", SetLastError = true, CharSet = CharSet.Auto)]
public static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
代码不是我的,它取自代码项目的某个地方,很抱歉我不记得确切的来源和作者