以管理员身份运行ClickOnce应用程序 [英] Run ClickOnce Application as Administrator
问题描述
我有一个vb.net clickonce应用程序,将由没有管理员访问权限的低级人员使用。但是,应用程序本身需要将文件保存到服务器上的隐藏文件夹中,并且仅允许管理员进行读/写访问。我需要这些用户能够使用该应用程序与此文件夹进行交互,而无需让他们能够自行浏览到该文件夹。我尝试使用几种模拟技术,但都没有效果。
I have a vb.net clickonce application that will be used by low-level personnel with no administrator accesses. However, the application itself needs to save files to a folder on the server that is hidden and only allows read/write access to administrators. I need for these users to be able to interact with this folder using the application without giving them the ability to browse to the folder on their own. I've tried using several impersonation techniques, none have worked.
http://weblogs.asp.net/ralfw/archive/2003/11/24/39479.aspx 是我尝试过的一种。它仍然说即使我运行Return System.Security.Principal.WindowsIdentity.GetCurrent()。Name,它也会返回管理员凭据,但访问被拒绝。
http://weblogs.asp.net/ralfw/archive/2003/11/24/39479.aspx is one that I've tried. It still says access is denied even though when I run Return System.Security.Principal.WindowsIdentity.GetCurrent().Name it returns the administrator credentials.
我尝试创建另一个仅使用管理员凭据执行StartProcess的应用程序,但是我要启动的文件是.application而不是.exe,因此我收到指定的可执行文件不是此OS平台的有效应用程序错误。
I've tried creating another application that simply does a StartProcess using administrator credentials, but the file i'm trying to launch is a .application and not a .exe so I get a "The specified executable is not a valid application for this OS platform" error.
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim file_name As String = "file path to .application file"
Dim p As New ProcessStartInfo(file_name)
p.UseShellExecute = False
p.Domain = "domain"
p.UserName = "administrator"
p.Password = New System.Security.SecureString()
For Each c As Char In "password"
p.Password.AppendChar(c)
Next
Process.Start(p)
End Sub
我尝试为Internet Explorer执行StartProcess并向.application文件提供url参数,该参数一直有效,直到我尝试提供自己的凭据以外的其他凭据并且出现找不到文件错误。如果我将所有内容从p.Username删除到Next,应用程序将以用户身份而非管理员身份打开。下面是该尝试的代码。
I've tried doing a StartProcess for Internet Explorer and providing an argument the url to the .application file which works until I try to supply credentials other than my own and I get a "cannot find file" error. If I remove everything from p.Username to Next, the application opens, but as the user and not administrator. Below is code for that attempt.
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim p As New ProcessStartInfo(My.Computer.FileSystem.SpecialDirectories.ProgramFiles + "\Internet Explorer\IEXPLORE.EXE")
p.UseShellExecute = False
p.Domain = "domain"
p.UserName = "administrator"
p.Password = New System.Security.SecureString()
For Each c As Char In "password"
p.Password.AppendChar(c)
Next
p.Arguments = ("URL to .application file")
Process.Start(p)
End Sub
我对如何运行此应用程序完全感到困惑以管理员身份使用,因此用户可以仅使用此应用程序查看文件并将文件保存到此受保护的位置。
I am at an absolute loss as to how to have this application run as admin so users can view files and save files to this protected location using only this application.
推荐答案
这听起来像是服务器上WCF(或其他类型)服务的理想之选。那将提供执行您想要的方法。客户端应用程序将调用该服务,并说将该文件放在服务器上,并且服务代码实际上是将其保存的。由于它在服务器上运行,因此该服务的用户帐户可以具有必要的特权,而不会遇到您现在面临的任何客户端许可问题。客户端用户除了可以连接到服务之外,根本不需要任何特权。
This sounds like a great candidate for a WCF (or some other type) service on the server. That would provide methods to do what you want. The client app would call the service and say "put this file on the server", and the service code is what actually saves it. Since it's running on the server the service's user account can have the necessary privileges without any of the client side permission issues you're facing now. The client users wouldn't need any privileges at all except the ability to connect to the service.
另一个好处是,您在该目录中没有管理员帐户密码您的客户端应用使用此方法,将消除相当严重的安全隐患。
The other upside is that you don't have an admin account password in your client app using this method, which will remove a rather serious security concern.
这篇关于以管理员身份运行ClickOnce应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
