冒充从code后面通过窗体身份验证用户 [英] Impersonate a User from Code Behind via Forms Authentication

问题描述

是否有可能使用窗体身份验证时，模拟用户？

Is it possible to Impersonate a user when using Forms Authentication?

的事情是，我想要的外部登录的用户，而只使用集成的Windows安全性和用户需要进行模拟的内部网站。

The thing is that I want an external login for users and an internal site that just uses integrated windows security and the users need to be impersonated.

我环顾四周，发现约翰的回答这里真的很不错，但我不完全得到我怎么能和我的Forms身份验证混合起来。

I've looked around and found that John's answer here is really good, but I don't quite get how I can mix it up with my Forms authentication.

建议？

修改

我想有一个＆LT; ASP：登录/＆GT; 控制和这个控件将验证对具有同一组用户的Windows计算机的Active Directory我想使用模拟的。

I want to have an <asp:Login /> control and this control will authenticate against an Active Directory which has the same set of users as the Windows Machine that I want to use impersonation on.

我的问题是，我不明白我怎么可以被提供给＆LT，同样的用户名和pasword impersoante; ASP：登录/＆GT; 控制。

My problem is that I don't get how I can impersoante with the same username and pasword that is provided to the <asp:Login /> control.

推荐答案

为了该解决方案的工作，你需要访问该用户的ID和密码。我不相信，你可以使用的登录用户的控制得到这一点;你需要创建自己的登录表单和处理登录操作自己。保持用户的ID和密码，pferably $ P $的安全字符串，在会议上，一旦你验证，当你需要访问内部网站代表他们，用冒领类从引用的例子使用假冒他们凭据。

In order for that solution to work, you'll need access to the user's id and password. I don't believe that you can get this using the Login user control; you'll need to create your own login form and handle the login actions yourself. Keep the user's id and password, preferably in a secure string, in the session once you've authenticated and when you need to access the internal site on their behalf, use the Impersonator class from the referenced example to impersonate them using the credentials.

  using (var context = Impersonator.LogOn( username, password ))
  {
      try
      {
      ....
      }
      finally
      {
         context.Undo();
      }
  }

这篇关于冒充从code后面通过窗体身份验证用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！