WindowsIdentityMembers.LogonUser() No Documentation  
Author Message
William McIlroy





PostPosted: .NET Base Class Library, WindowsIdentityMembers.LogonUser() No Documentation Top

The subject method appears in sample code for WindowsIdentity.  I cannot find information about the method WindowsIdentityMembers.LogonUser() in Help (i.e. MSDN for Whidby).  The method is a real aid to developers who previously were required to do a P/Invoke to unmanaged code to obtain the token.  See code from sample...

// Retrieve the Windows account token for the current user.

IntPtr logonToken = WindowsIdentityMembers.LogonUser();

// Constructor implementations.

IntPtrConstructor(logonToken);

StringConstructor();

IntPtrStringConstructor(logonToken);

StringStringConstructor();

IntPtrStringTypeConstructor(logonToken);

IntPrtStringTypeBoolConstructor(logonToken);

// Property implementations.

UseProperties(logonToken);

// Method implementations.

GetAnonymousUser();

ImpersonateIdentity(logonToken);

Console.WriteLine("This sample completed successfully; " +

"press Enter to exit.");

Console.ReadLine();



.NET Development30  
 
 
Vikram





PostPosted: .NET Base Class Library, WindowsIdentityMembers.LogonUser() No Documentation Top

Hi William,

I believe you are referring to the class WindowsIdentityMembers which has been provided as a sample on this page.

That class is not part of the .NET Framework, its just a sample. Even in .NET 2.0, PInvoke is used to call LogonUser. As for the LogonUser method in the sample - thats just returning the token for the current logged on user.

For a code sample on using LogonUser Unmanaged API, take a look here.

Regards,
Vikram


Mark the best answers as replies...!


 
 
luigi_loaec





PostPosted: .NET Base Class Library, WindowsIdentityMembers.LogonUser() No Documentation Top

Hello,

I am building two applications, one on a file server, the other for clients.
I would like to control on the file server the files read permissions for the currently connected user.
I have only find how to make it using logonuser with the pasword but i don't like so much...

code :

using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.Security.AccessControl;
using System.IO;
using System.Security.Permissions;
namespace ConsoleApplication2
{
class Class1
{
//Cette fonction prends le jeton de securite pour un utilisateur.
[DllImport("advapi32.dll")]
private static extern int LogonUser(string lpszUsername ,
string lpszDomain ,string lpszPassword ,int dwLogonType,
int dwLogonProvider ,ref IntPtr phToken);

public enum Logon :int
{
Interactive = 2 ,
NetworkCleartext = 8
}

public enum Provider :int
{
WindowsNT35 = 1,
WindowsNT40 = 2,
Windows2000 = 3
}

// cette fonction duplique le jeton
[DllImport("advapi32.dll",CharSet=CharSet.Auto, SetLastError=true)]
private static extern int DuplicateToken (IntPtr ExistingTokenHandle, int ImpersonationLevel, ref IntPtr DuplicateTokenHandle);

[STAThread]
static void Main(string[] args)
{
Console.WriteLine("//- Utilisateur courant -\\ ");
DisplayIdentityInfo();

// prend les informations de l'utilisateur.
Console.WriteLine("Entrer les informations pour vous indentifier :");
string UserName;
string Domaine;
string Password;

Console.Write("Domaine: ");
Domaine = Console.ReadLine();
Console.Write("Nom utilisateur: ");
UserName = Console.ReadLine();
Console.Write("Mot de passe : ");
Password = Console.ReadLine();

// indentifier la nouvelle personne

WindowsIdentity NewIdentity;
NewIdentity = GetWindowsIdentity(UserName, Domaine, Password);
Console.WriteLine();

if (NewIdentity == null)
{
Console.WriteLine("Information invalide");
}
else
{
// deidentification de l'ancienne identite
// au profit de la nouvelle
WindowsImpersonationContext NewContext;
NewContext = NewIdentity.Impersonate();

Console.WriteLine("//- LOGIN -\\ ");
DisplayIdentityInfo();

// revient a l'identite d'origine

NewContext.Undo();
Console.WriteLine("//- LOGOUT-\\");
DisplayIdentityInfo();
}

Console.ReadLine();

}

// cette fonction affiche les informations de l'utilisateur courant

public static void DisplayIdentityInfo()
{
WindowsIdentity Identity = WindowsIdentity.GetCurrent();

Console.WriteLine("Cette application se lance avec " + Identity.Name);
Console.WriteLine();
}

// cette fonction utilise les API pour obtenir le WindowsIdentity
// pour le donner a l'utilisateur
public static WindowsIdentity GetWindowsIdentity(string UserName ,
string Domaine,string Password)
{
IntPtr SecurityToken= new IntPtr(0);
IntPtr TokenDuplicate= new IntPtr(0);

if (LogonUser(UserName, Domaine, Password, (int)Logon.Interactive,0,ref SecurityToken) > 0)
{
DuplicateToken(SecurityToken, 2, ref TokenDuplicate);
return new WindowsIdentity(TokenDuplicate);
}
else
return null;
}
private static bool CanRead(string fname, WindowsIdentity WinIdentity)
{

WindowsPrincipal WinPrincipal = new WindowsPrincipal(WinIdentity);
bool AllowRead = false;
try
{
FileInfo fi = new FileInfo(fname);
FileSecurity sec = fi.GetAccessControl();
foreach (FileSystemAccessRule rule in sec.GetAccessRules(true, true, typeof(NTAccount)))
{
if (WinPrincipal.IsInRole(rule.IdentityReference.Value))
{
if (((int)rule.FileSystemRights & (int)FileSystemRights.Read) > 0)
{
if (rule.AccessControlType == AccessControlType.Allow)
{
AllowRead = true;
}
else if (rule.AccessControlType == AccessControlType.Deny)
{
return false;
}
}
}
}
}
catch (Exception e)
{
AllowRead = false;
}
return AllowRead;
}
}

}

Could you help me

Thanks

Louis-Guillaume

 
 
Lucian Bargaoanu





PostPosted: .NET Base Class Library, WindowsIdentityMembers.LogonUser() No Documentation Top

You need impersonation. You can get it with remoting or web services.