C#(.NET1.1)程序,由于程序中要增删文件服务器的某个共享文件夹S的的文件(所有客户端和服务器都在域中),
现在的做法是这个S文件夹共享并对所有的域用户开最大的权限,所以感觉非常不安全。能否在程序中设定某个公用的账户(只有这个帐号对S文件夹有权限),用来操作S中的文件,因为这个账户只有我知道,所以比现在的情况肯定安全多了。谢谢。
现在的做法是这个S文件夹共享并对所有的域用户开最大的权限,所以感觉非常不安全。能否在程序中设定某个公用的账户(只有这个帐号对S文件夹有权限),用来操作S中的文件,因为这个账户只有我知道,所以比现在的情况肯定安全多了。谢谢。
解决方案 »
- 用.net的B/S模式,人员关系图像化展示他们之间的关系
- 怎么把一个char变成一个string 啊?
- MessageQueue收到消息后,如何把message转换成我自定义的struct类型啊。
- C# 怎么根据flg的值将checkbox怎么设置为相对应的状态?
- 紧急求助:c#执行含有create schema语句的sql的问题
- 对datatable数据进行条件筛选
- 最近想写一个类似 C# 或 VC 的编辑开发接口
- 如何将DataGrid中的记录打印出来?
- 你更看好哪个,C#还是VC.NET?
- 哪位朋友能给一个Mp3播放器的源代码?
- vista安装vs2008问题
- 模块间传递对象,设计上的问题
codeproject抄来一个代码:
namespace Tools
{
#region Using directives.
// ---------------------------------------------------------------------- using System;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.ComponentModel; // ----------------------------------------------------------------------
#endregion ///////////////////////////////////////////////////////////////////////// /// <summary>
/// Impersonation of a user. Allows to execute code under another
/// user context.
/// Please note that the account that instantiates the Impersonator class
/// needs to have the 'Act as part of operating system' privilege set.
/// </summary>
/// <res>
/// This class is based on the information in the Microsoft knowledge base
/// article http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306158
///
/// Encapsulate an instance into a using-directive like e.g.:
///
/// ...
/// using ( new Impersonator( "myUsername", "myDomainname", "myPassword" ) )
/// {
/// ...
/// [code that executes under the new context]
/// ...
/// }
/// ...
///
/// Please contact the author Uwe Keim (mailto:[email protected])
/// for questions regarding this class.
/// </res>
public class Impersonator :
IDisposable
{
#region Public methods.
// ------------------------------------------------------------------ /// <summary>
/// Constructor. Starts the impersonation with the given credentials.
/// Please note that the account that instantiates the Impersonator class
/// needs to have the 'Act as part of operating system' privilege set.
/// </summary>
/// <param name="userName">The name of the user to act as.</param>
/// <param name="domainName">The domain name of the user to act as.</param>
/// <param name="password">The password of the user to act as.</param>
public Impersonator(
string userName,
string domainName,
string password )
{
ImpersonateValidUser( userName, domainName, password );
} // ------------------------------------------------------------------
#endregion #region IDisposable member.
// ------------------------------------------------------------------ public void Dispose()
{
UndoImpersonation();
} // ------------------------------------------------------------------
#endregion #region P/Invoke.
// ------------------------------------------------------------------ [DllImport("advapi32.dll", SetLastError=true)]
private static extern int LogonUser(
string lpszUserName,
string lpszDomain,
string lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken);
[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
private static extern int DuplicateToken(
IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken); [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
private static extern bool RevertToSelf(); [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
private static extern bool CloseHandle(
IntPtr handle); private const int LOGON32_LOGON_INTERACTIVE = 2;
private const int LOGON32_PROVIDER_DEFAULT = 0; // ------------------------------------------------------------------
#endregion #region Private member.
// ------------------------------------------------------------------ /// <summary>
/// Does the actual impersonation.
/// </summary>
/// <param name="userName">The name of the user to act as.</param>
/// <param name="domainName">The domain name of the user to act as.</param>
/// <param name="password">The password of the user to act as.</param>
private void ImpersonateValidUser(
string userName,
string domain,
string password )
{
WindowsIdentity tempWindowsIdentity = null;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero; try
{
if ( RevertToSelf() )
{
if ( LogonUser(
userName,
domain,
password,
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,
ref token ) != 0 )
{
if ( DuplicateToken( token, 2, ref tokenDuplicate ) != 0 )
{
tempWindowsIdentity = new WindowsIdentity( tokenDuplicate );
impersonationContext = tempWindowsIdentity.Impersonate();
}
else
{
throw new Win32Exception( Marshal.GetLastWin32Error() );
}
}
else
{
throw new Win32Exception( Marshal.GetLastWin32Error() );
}
}
else
{
throw new Win32Exception( Marshal.GetLastWin32Error() );
}
}
finally
{
if ( token!= IntPtr.Zero )
{
CloseHandle( token );
}
if ( tokenDuplicate!=IntPtr.Zero )
{
CloseHandle( tokenDuplicate );
}
}
} /// <summary>
/// Reverts the impersonation.
/// </summary>
private void UndoImpersonation()
{
if ( impersonationContext!=null )
{
impersonationContext.Undo();
}
} private WindowsImpersonationContext impersonationContext = null; // ------------------------------------------------------------------
#endregion
} /////////////////////////////////////////////////////////////////////////
}
...
using ( new Impersonator( "myUsername", "myDomainname", "myPassword" ) )
{
...
<code that executes under the new context>
...
}
...