如何检查 Windows 身份是否在冒充?
How to check if a Windows Identity is impersonating?
是否可以检查 WindowsIdentity 是否在模拟?
是的。只需检查 ImpersonationLevel 属性 的 WindowsIdentity class.
来自 MSDN:
Gets the impersonation level for the user
- Anonymous - The server process cannot obtain identification information about the client, and it cannot impersonate the client
- Delegation - The server process can impersonate the client's security context on remote systems
- Identification - The server process can obtain information about the client...
- Impersonation - The server process can impersonate the client's security context on its local system.
- None
代码片段(已修改 MSDN example):
var identity = WindowsIdentity.GetCurrent();
Console.WriteLine("Before impersonation: " + identity.Name);
Console.WriteLine("ImpersonationLevel: {0}", identity.ImpersonationLevel);
// Use the token handle returned by LogonUser.
using (WindowsIdentity newId = new
WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
{
using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
{
// Check the identity.
identity = WindowsIdentity.GetCurrent();
Console.WriteLine("After impersonation: "+ identity.Name);
Console.WriteLine("ImpersonationLevel: {0}", identity.ImpersonationLevel);
}
}
输出:
更多
是否可以检查 WindowsIdentity 是否在模拟?
是的。只需检查 ImpersonationLevel 属性 的 WindowsIdentity class.
来自 MSDN:
Gets the impersonation level for the user
- Anonymous - The server process cannot obtain identification information about the client, and it cannot impersonate the client
- Delegation - The server process can impersonate the client's security context on remote systems
- Identification - The server process can obtain information about the client...
- Impersonation - The server process can impersonate the client's security context on its local system.
- None
代码片段(已修改 MSDN example):
var identity = WindowsIdentity.GetCurrent();
Console.WriteLine("Before impersonation: " + identity.Name);
Console.WriteLine("ImpersonationLevel: {0}", identity.ImpersonationLevel);
// Use the token handle returned by LogonUser.
using (WindowsIdentity newId = new
WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
{
using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
{
// Check the identity.
identity = WindowsIdentity.GetCurrent();
Console.WriteLine("After impersonation: "+ identity.Name);
Console.WriteLine("ImpersonationLevel: {0}", identity.ImpersonationLevel);
}
}
输出: