ASP.NET 模拟身份

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.IO;
using System.Web.Security;
using System.Security.Principal;
using System.Runtime.InteropServices;
namespace Security
{
 /// <summary>
 /// ASPNETImp 的摘要说明。
 /// </summary>
 public class ASPNETImp : System.Web.UI.Page
 {
  protected System.Web.UI.WebControls.Label lbExist;
  protected System.Web.UI.WebControls.Label Label2;
  public const int LOGON32_LOGON_INTERACTIVE = 2;
  public const int LOGON32_PROVIDER_DEFAULT = 0;
  WindowsImpersonationContext impersonationContext;
  [DllImport("advapi32.dll", CharSet=CharSet.Auto)]
  public static extern int LogonUser(String lpszUserName,String lpszDomain,
   String lpszPassword,int dwLogonType,int dwLogonProvider,
   ref IntPtr phToken);
  [DllImport("advapi32.dll", CharSet=System.Runtime.InteropServices.CharSet.Auto,
    SetLastError=true)]
  public extern static int DuplicateToken(IntPtr hToken,int impersonationLevel, ref IntPtr hNewToken);
  private void Page_Load(object sender, System.EventArgs e)
  {
   //noImpersonate();
   //ImpersonateIIS();
   ImpersonateUser();
 
  }
  private void noImpersonate()
  {
   try
   {
    if(File.Exists("c://Documents and Settings//shaozhidong//test.txt"))
     lbExist.Text = "存在!";
    else
     lbExist.Text = "该文件不存在!";
   }
   catch(Exception)
   {
    lbExist.Text = "没有权限!";
   }
  }
  private void ImpersonateIIS()
  {
   // 在代码中模拟IIS认证帐号
   System.Security.Principal.WindowsImpersonationContext impersonationContext;
   impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();

   if(File.Exists("c://Documents and Settings//shaozhidong//test.txt"))
    lbExist.Text = "存在!";
   else
    lbExist.Text = "该文件不存在!";
   
   impersonationContext.Undo();
  }
  private void ImpersonateUser()
  {
   //在代码中模拟指定账号
   if(impersonateValidUser("shaozhidong", "shaozhd", "111"))
   {  
    if(File.Exists("c://Documents and Settings//shaozhidong//test.txt"))
     lbExist.Text = "存在!";
    else
     lbExist.Text = "该文件不存在!";
    undoImpersonation();  
   }
   else
   {   
    lbExist.Text = "权限不够！";
   }
  }
  private bool impersonateValidUser(string userName, string domain, string password)
  {  
   WindowsIdentity tempWindowsIdentity;  
   IntPtr token = IntPtr.Zero;  
   IntPtr tokenDuplicate = IntPtr.Zero;
   if(LogonUser(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
    LOGON32_PROVIDER_DEFAULT, ref token) != 0) 
   {     
    if(DuplicateToken(token, 2, ref tokenDuplicate) != 0)
    {        
     tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
     impersonationContext = tempWindowsIdentity.Impersonate();
                    if (impersonationContext != null)
      return true;
     else
      return false; 
    }  
    else
     return false; 
   }   
   else
    return false;
  }
  private void undoImpersonation()
  {    
   impersonationContext.Undo();
  }
  #region Web Form Designer generated code
  override protected void OnInit(EventArgs e)
  {
   //
   // CODEGEN：该调用是 ASP.NET Web 窗体设计器所必需的。
   //
   InitializeComponent();
   base.OnInit(e);
  }
  
  /// <summary>
  /// 设计器支持所需的方法 - 不要使用代码编辑器修改
  /// 此方法的内容。
  /// </summary>
  private void InitializeComponent()
  {   
   this.Load += new System.EventHandler(this.Page_Load);

  }
  #endregion
 }
}