Impersonate User Programmatically

Setelah googling kesana kemari dan mencoba-coba beberapa sample code akhirnya saya menemukan cara untuk imopersonate user di .Net secara on the fly.

   1: class Program
   2: {
   3:     [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
   4:     public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
   5:         int dwLogonType, int dwLogonProvider, ref IntPtr phToken);
   6:  
   7:     [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
   8:     public extern static bool CloseHandle(IntPtr handle);
   9:  
  10:     [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
  11:     public extern static bool DuplicateToken(IntPtr existingTokenHandle,
  12:         int securityImpersonationLevel, ref IntPtr duplicateTokenHandle);
  13:     
  14:     static void Main(string[] args)
  15:     {
  16:         string username = @"user";
  17:         string password = @"password";
  18:         string domain = @"domain";
  19:         IntPtr userSecurityToken = IntPtr.Zero;
  20:         const int logon32ProviderDefault = 0;
  21:         const int logon32LogonInteractive = 2;
  22:  
  23:         //get current identity
  24:         WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent();
  25:  
  26:         if (currentIdentity !=null)
  27:         {
  28:             Console.WriteLine(string.Format("Original Identity Name {0}", currentIdentity.Name));   
  29:         }
  30:         
  31:         //try to retrieve user security token
  32:         bool isSuccessToLogin = LogonUser(username, domain, password, logon32LogonInteractive, logon32ProviderDefault, ref userSecurityToken);
  33:         if (isSuccessToLogin)
  34:         {
  35:             WindowsIdentity impersonateIdentity = new WindowsIdentity(userSecurityToken);
  36:  
  37:             //impersonate user
  38:             var impersonateUser = impersonateIdentity.Impersonate();
  39:  
  40:             //get current identity
  41:             currentIdentity = WindowsIdentity.GetCurrent();
  42:  
  43:             if (currentIdentity != null)
  44:             {
  45:                 Console.WriteLine(string.Format("Impersonate Identity Name {0}", currentIdentity.Name));
  46:             }
  47:  
  48:             //undo impersonate
  49:             impersonateUser.Undo();
  50:  
  51:             //get current identity
  52:             currentIdentity = WindowsIdentity.GetCurrent();                
  53:  
  54:             if (currentIdentity != null)
  55:             {
  56:                 Console.WriteLine(string.Format("Undo Impersonate Identity Name {0}", currentIdentity.Name));
  57:             } 
  58:         }
  59:  
  60:         Console.ReadLine();
  61:     }
  62: }

dan hasilnya :

result

Code di atas sukses jalan di mesin saya dengan OS Windows Server 2008 R2 Enterprise.

Berdasarkan link ini, code di atas dapat berjalan di OS Windows 2000 atau yg lebih baru.

Share this post: | | | |
Published Thursday, March 17, 2011 4:35 PM by ekasinggih
Filed under:

Comments

No Comments
Powered by Community Server (Commercial Edition), by Telligent Systems