.NET中验证域用户名以及密码的方式,其本质是调用Windows API来获取得到当前系统的登录域、用户名、密码信息然后调用Windows API来验证就可以了。
usingSystem;
usingSystem.Data;
usingSystem.Configuration;
usingSystem.Web;
usingSystem.Web.Security;
usingSystem.Web.UI;
usingSystem.Web.UI.WebControls;
usingSystem.Web.UI.WebControls.WebParts;
usingSystem.Web.UI.HtmlControls;
usingSystem.Runtime.InteropServices;//必要引用
usingSystem.Security.Principal;//必要引用
/**////<summary>
///UserLoginForDomain的摘要说明
///适用ASP.NET2.0
///WindowsXP调试成功
///调用”advapi32.dll“win32API
///</summary>
publicclassUserLoginForDomain
{
publicUserLoginForDomain()
{
//
//TODO:在此处添加构造函数逻辑
//
}
【用户登录域】方法#region【用户登录域】方法
publicconstintLOGON32_LOGON_INTERACTIVE=2;
publicconstintLOGON32_PROVIDER_DEFAULT=0;
WindowsImpersonationContextimpersonationContext;
[DllImport("advapi32.dll",CharSet=CharSet.Auto)]
publicstaticexternintLogonUser(StringlpszUserName,
StringlpszDomain,
StringlpszPassword,
intdwLogonType,
intdwLogonProvider,
refIntPtrphToken);
[DllImport("advapi32.dll",CharSet=System.Runtime.InteropServices.CharSet.Auto,SetLastError=true)]
publicexternstaticintDuplicateToken(IntPtrhToken,
intimpersonationLevel,
refIntPtrhNewToken);
/**////<summary>
///输入用户名、密码、登录域判断是否成功
///</summary>
///<example>
///if(impersonateValidUser(UserName,Domain,Password)){}
///</example>
///<paramname="userName">账户名称,如:stringUserName=UserNameTextBox.Text;</param>
///<paramname="domain">要登录的域,如:stringDomain=DomainTextBox.Text;</param>
///<paramname="password">账户密码,如:stringPassword=PasswordTextBox.Text;</param>
///<returns>成功返回true,否则返回false</returns>
publicboolimpersonateValidUser(StringuserName,Stringdomain,Stringpassword)
{
WindowsIdentitytempWindowsIdentity;
IntPtrtoken=IntPtr.Zero;
IntPtrtokenDuplicate=IntPtr.Zero;
if(LogonUser(userName,domain,password,LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,reftoken)!=0)
{
if(DuplicateToken(token,2,reftokenDuplicate)!=0)
{
tempWindowsIdentity=newWindowsIdentity(tokenDuplicate);
impersonationContext=tempWindowsIdentity.Impersonate();
if(impersonationContext!=null)
returntrue;
else
returnfalse;
}
else
returnfalse;
}
else
returnfalse;
}
publicvoidundoImpersonation()
{
impersonationContext.Undo();
}
#endregion
ASP.NET中的网页调用代码:
【用户登录域】示例#region【用户登录域】示例
<%@PageLanguage="C#"AutoEventWireup="true"CodeFile="Default6.aspx.cs"Inherits="Default6"%>
<!DOCTYPEhtmlPUBLIC"-//W3C//DTDXHTML1.0Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<htmlxmlns="http://www.w3.org/1999/xhtml">
<headid="Head1"runat="server">
<title>ASP.NET模拟登录验证</title>
</head>
<body>
<formid="form1"runat="server">
<div>
账户:<asp:TextBoxID="UserNameTextBox"runat="server"></asp:TextBox><br/>
密码:<asp:TextBoxID="PasswordTextBox"runat="server"></asp:TextBox><br/>
域名:<asp:TextBoxID="DomainTextBox"runat="server"></asp:TextBox><br/>
<asp:ButtonID="OKButton"runat="server"OnClick="OKButton_Click"Text="Button"/></div>
</form>
</body>
</html>
=========================================================================
protectedvoidOKButton_Click(objectsender,EventArgse)
{
stringUserName=UserNameTextBox.Text;
stringDomain=DomainTextBox.Text;
stringPassword=PasswordTextBox.Text;
UserLoginForDomainCheckUserLogin=newUserLoginForDomain();
if(CheckUserLogin.impersonateValidUser(UserName,Domain,Password))
Response.Write(UserNameTextBox.Text+"isOK");
else
Response.Write(UserNameTextBox.Text+"isError");
}
#endregion