Windows模拟和复制令牌 [英] Windows Impersonation and duplicating tokens

问题描述

我有一个asp.net项目，该请求会将工作委托给后台(通过quartz.net).该Web应用程序正在使用Windows身份验证和模拟.

I have an asp.net project where the request will delegate work to the background (via quartz.net). The web application is using windows authentication and impersonation.

我也想在后台线程上模拟当前用户.我已经阅读了如何用提供的域名，用户名和密码模拟用户并调出内核.该方法有效.

I would also like to impersonate the current user on the background thread as well. I have read how to impersonate a user with a supplied domain name, username and password and calling out the kernel. That method works.

IntPtr token;
var successfullLogon = LogonUser(userName, password, domain, logonType, logonProvider, out token);
if(successfullLogon == false)
{
    var errorCode = Marshal.GetHRForLastWin32Error();
    Marshal.ThrowExceptionForHR(errorCode);
}

可以，但是需要我提供特定的用户名/密码，或者让用户输入密码.两种情况都不理想.

That works, but it requires me to either provide a specific username/password, or have the user enter their password. neither situation is ideal.

我想要的是将令牌从请求中的用户身份传递到后台，然后从该现有令牌中模拟用户.我读到应该可以调用DuplicateHandle

What I would like is to pass the token from the user's identity from the request to the background and then impersonate the user from this existing token. I read that I should be able to call DuplicateHandle,

var token = ((WindowsIdentity)Request.User.Identity).GetToken().ToInt64();
var token = new IntPrt(token from request);
IntPtr duplicate;
try
{
    if(NaviteMethod.DuplicateToken(token, SecurityImpersonationLevel.Impersonate, out duplicate) == false)
    {
        var errorCode = Marshal.GetHRForLastWin32Error();
        Marshal.ThrowExceptionForHR(errorCode);
    }

    using(var identity = new WindowsIdentity(duplicate))
    using(var context = identity.Impersonate())
    {
        //do work
        context.Undo();
    }
}
finally
{
    if(duplicate != IntPtr.Zero)
    {
        NaviteMethod.CloseHandler(duplicate);
    }
}

但是我遇到一个异常 I/O重叠操作正在进行中

NativeMethod调用来自此帖子:

The NativeMethod calls come from this post: How do I pass credentials to a machine so I can use Microsoft.Win32.RegistryKey.OpenRemoteBaseKey() on it?

是否可以使用当前用户的令牌并在后台线程上模拟该用户?如果是这样，该怎么办?要实现此权限，是否需要任何用户访问权限?

Is it possible to use the current user's token and impersonate that user on a background thread? If so how can this be done and are there any user access rights required for this to occur?

推荐答案

不幸的是，您无法绕过"LogonUser".一种选择是使用 ASP.NET模拟一个>.如果将第二个代码块的前两行替换为第一个块代码，则第二个已经拥有它.

Unfortunately you cannot bypass the "LogonUser". One option is to use ASP.NET Impersonation. The second one you already have it if you replace the first two lines of your second code block with the first block code.

这篇关于Windows模拟和复制令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！