Impersonating users through NTLM


Question

I have an internal application which has two levels of security. FormsAuthentication for client-facing application and NTLM Integrated authentication for management interface.

I can easily impersonate clients by just creating the proper .ASPXAUTH cookie with the FormsAuthentication class' methods. However generating HTTP Authentication header for NTLM is beyond me so far.

I had my hopes up when I found this article (http://msdn.microsoft.com/en-us/library/ms998358.aspx#paght000025_usingimpersonation) but then I realized that it only creates a context to run code in for a duration of the request. And I would like to switch my entire session to make the server think I'm using another domain login. I have administrative privileges on my account, so it's not for the purpose of screwing around or stealing domain passwords.

Is it even possible? Thanks.

Answer

Let's say you have a Forms-authentication-enabled ASP.NET app with a login form login.aspx, and your users are stored in a DB. Now you'd like to support both Forms and Windows authentication. That's what I do:

For forms auth I use a SQL DB with, let's say, a Users table. I add to this table a new column named WindowsUserName, in which I'll save the Windows user's name in the form COMPUTER\User.

In the login.aspx form I add a method which will send a response that shows the login window:

// Returning 401 makes IIS (with Windows Authentication enabled for this page)
// add the NTLM/Negotiate challenge, so the browser prompts for or supplies credentials.
private void ActivateWindowsLogin()
{
    Response.StatusCode = 401;
    Response.StatusDescription = "Unauthorized";
    Response.End();
}

Somewhere I have a link like <a href="login.aspx?use=windows">Link</a>

In login.aspx Page_Load I have added:

if (Request.QueryString["use"] == "windows")
{
    // LOGON_USER is only filled in by IIS after Windows authentication succeeded;
    // it may be null (not just empty) when the request is still anonymous.
    var windowsuser = Request.ServerVariables["LOGON_USER"];
    if (string.IsNullOrEmpty(windowsuser))
        ActivateWindowsLogin();
    else
    {
        // get userId from DB for Windows user that was authenticated by IIS
        // I use userId in .ASPXAUTH cookie
        var userId = GetUserIdForWindowsUser(windowsuser);
        if (userId > 0) //user found
        {
            // here we get User object to check roles or other stuff
            var user = GetApplicationUser(userId);
            // perform additional checks here and call ActivateWindowsLogin()
            // to show login again or redirect to access denied page.
            // If everything is OK, set cookie and redirect
            FormsAuthentication.SetAuthCookie(userId.ToString(), false);
            Response.Redirect(FormsAuthentication.GetRedirectUrl(userId.ToString(), false), true);
        }
        else //user not found
            ActivateWindowsLogin();
    }
}
else
{
    //your Forms auth routine
}

GetUserIdForWindowsUser and GetApplicationUser are my methods, just for the sample.
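The steps above (a WindowsUserName mapping column, a 401 challenge method, and a Page_Load branch that converts the IIS-authenticated Windows identity into a Forms ticket) fit together as one login.aspx code-behind. The following is an added example written to illustrate that flow; it is not the answerer's code. It assumes ASP.NET Web Forms on IIS with Windows Authentication enabled for login.aspx, and it replaces the answer's database lookup with a constructed in-memory dictionary standing in for the Users table's WindowsUserName column. The helper MapWindowsUser is a hypothetical name introduced here.

```csharp
// Added example (not the answer's code): login.aspx code-behind implementing
// the "Forms ticket for a Windows-authenticated user" flow described above.
using System;
using System.Collections.Generic;
using System.Web.Security;
using System.Web.UI;

public partial class Login : Page
{
    // Constructed sample data standing in for the Users table's WindowsUserName
    // column. Windows account names are not case-sensitive, so the lookup is
    // case-insensitive to avoid rejecting "corp\Alice" while accepting "CORP\alice".
    private static readonly Dictionary<string, int> WindowsUserToUserId =
        new Dictionary<string, int>(StringComparer.OrdinalIgnoreCase)
        {
            { @"CORP\alice", 42 },   // constructed
            { @"CORP\bob",   43 },   // constructed
        };

    // Hypothetical helper: maps the LOGON_USER value IIS supplies to an
    // application user id, or null when the account is not provisioned.
    internal static int? MapWindowsUser(string logonUser)
    {
        if (string.IsNullOrEmpty(logonUser))
            return null;
        int id;
        return WindowsUserToUserId.TryGetValue(logonUser, out id) ? id : (int?)null;
    }

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.QueryString["use"] != "windows")
            return; // ordinary Forms login is handled by the page's own controls

        // LOGON_USER is populated by IIS only after Windows authentication
        // succeeded; on the first, anonymous request it is absent.
        string windowsUser = Request.ServerVariables["LOGON_USER"];
        int? userId = MapWindowsUser(windowsUser);

        if (userId == null)
        {
            // Either not yet authenticated by Windows (challenge the browser)
            // or authenticated but not provisioned in the application: in both
            // cases refuse rather than auto-creating an account.
            ActivateWindowsLogin();
            return;
        }

        // Issue the Forms ticket for the mapped application user; the ticket
        // carries the app's own user id, exactly as the Forms login path does.
        string name = userId.Value.ToString();
        FormsAuthentication.SetAuthCookie(name, false);
        Response.Redirect(FormsAuthentication.GetRedirectUrl(name, false), true);
    }

    // A bare 401 lets IIS append the Negotiate/NTLM challenge headers; the
    // browser retries with credentials and LOGON_USER is set on that request.
    private void ActivateWindowsLogin()
    {
        Response.StatusCode = 401;
        Response.StatusDescription = "Unauthorized";
        Response.End();
    }
}
```

For the 401 challenge to work, both Anonymous and Windows Authentication must be enabled for login.aspx in IIS (anonymous so the Forms users can reach the page, Windows so IIS answers the 401 with a challenge). On IIS 7 and later the windowsAuthentication and anonymousAuthentication sections are locked at the server level by default, so setting them per-page in web.config fails with a configuration error until an administrator unlocks them in applicationHost.config. The mapping table is the authorization boundary here: a valid domain login that has no WindowsUserName row gets the same refusal as an unauthenticated request.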
