c# :
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Principal;
using System.Runtime.InteropServices;
using System.Data.SqlClient;
using System.Web.SessionState;
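/// <summary>
/// Code-behind for the login page: looks up the submitted user id, stores the
/// profile in session state, and redirects according to the user's role.
/// Also holds Win32 helpers for validating a Windows account and impersonating it.
/// </summary>
public partial class login : System.Web.UI.Page
{
    // Profile values copied from the user lookup for the current request.
    String str_userId = "";
    String str_userName = "";
    String str_name = "";
    String str_email = "";
    string str_shenfen = ""; // role value read from the "shenfen" column

    // Logon type / provider values passed to LogonUserA.
    public const int LOGON32_LOGON_INTERACTIVE = 2;
    public const int LOGON32_PROVIDER_DEFAULT = 0;

    // Set by impersonateValidUser on success; released by undoImpersonation.
    WindowsImpersonationContext impersonationContext;

    [DllImport("advapi32.dll")]
    public static extern int LogonUserA(String lpszUserName,
        String lpszDomain,
        String lpszPassword,
        int dwLogonType,
        int dwLogonProvider,
        ref IntPtr phToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern int DuplicateToken(IntPtr hToken,
        int impersonationLevel, ref IntPtr hNewToken);

    [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
    public static extern bool RevertToSelf();

    [DllImport("kernel32.dll", CharSet = CharSet.Auto)]
    public static extern bool CloseHandle(IntPtr handle);

    /// <summary>Page load handler; intentionally empty.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the login button: looks up the entered user id and, when a row
    /// is found, populates the session and redirects to the role's start page.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnok_Click(object sender, EventArgs e)
    {
        if (!Page.IsValid)
        {
            Label1.Text = " , IT !";
            return;
        }

        // NOTE(review): the credential check that originally wrapped this block is disabled:
        //   if (impersonateValidUser(Convert.ToString(txteid.Text.Trim()), "your domain", Convert.ToString(txtpsw.Text.Trim())))
        // As the code stands, the sign-in decision rests only on the user id lookup
        // below; the submitted password is never verified. Unless an outer layer
        // (e.g. IIS Windows authentication) already authenticates the caller and
        // binds it to this id (not visible from this file), restore the check with
        // the real logon domain before deployment, call undoImpersonation() once the
        // check has passed, and pass the password untrimmed.

        // IISAuthUser is not declared in this part of the partial class;
        // presumably it is a member defined elsewhere (confirm).
        IISAuthUser = Convert.ToString(txteid.Text.Trim());
        IUser user = new User();

        // 'using' closes the reader even if Read() or a column access throws.
        using (SqlDataReader recu = user.GetUserLoginL(IISAuthUser))
        {
            if (recu.Read())
            {
                str_userId = recu["UserID"].ToString();
                str_userName = recu["UserName"].ToString();
                str_name = recu["Name"].ToString();
                str_email = recu["email"].ToString();
                str_shenfen = recu["shenfen"].ToString();

                // Label.Text is emitted as raw HTML, so encode the stored value.
                Label1.Text = " , " + HttpUtility.HtmlEncode(str_name);
            }
        }

        if (string.IsNullOrEmpty(str_userId))
        {
            // No matching user row.
            Label1.Text = " , IT !";
            return;
        }

        // NOTE(review): the session id is not renewed at login; consider issuing
        // a fresh session before storing identity data (session fixation).
        Session["UserID"] = str_userId;
        Session["UserName"] = str_userName;
        Session["Name"] = str_name;
        Session["email"] = str_email;
        Session["shenfen"] = str_shenfen;

        // NOTE(review): every role other than "staffer", including an empty or
        // unexpected value, is sent to the approval page. Confirm approve.aspx
        // enforces its own role check, or list the approver roles explicitly here.
        switch (str_shenfen)
        {
            case "staffer":
                Session["title"] = "Fill In Purchase Order";
                Response.Redirect("~/main.aspx?gl=apply");
                break;
            default:
                Session["title"] = "Approve Purchase Order";
                Response.Redirect("~/approve.aspx");
                break;
        }
    }

    /// <summary>
    /// Validates a Windows account with LogonUserA and, on success, starts
    /// impersonating it on the current thread.
    /// </summary>
    /// <param name="userName">Account name.</param>
    /// <param name="domain">Logon domain.</param>
    /// <param name="password">Account password.</param>
    /// <returns>True when logon and impersonation succeeded; otherwise false.</returns>
    private bool impersonateValidUser(String userName, String domain, String password)
    {
        IntPtr token = IntPtr.Zero;
        IntPtr tokenDuplicate = IntPtr.Zero;

        try
        {
            if (!RevertToSelf())
            {
                return false;
            }

            if (LogonUserA(userName, domain, password, LOGON32_LOGON_INTERACTIVE,
                    LOGON32_PROVIDER_DEFAULT, ref token) == 0)
            {
                return false;
            }

            // 2 = SecurityImpersonation level.
            if (DuplicateToken(token, 2, ref tokenDuplicate) == 0)
            {
                return false;
            }

            WindowsIdentity tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
            impersonationContext = tempWindowsIdentity.Impersonate();
            return impersonationContext != null;
        }
        finally
        {
            // Release both native handles on every path, including when the
            // WindowsIdentity constructor or Impersonate() throws.
            if (token != IntPtr.Zero)
            {
                CloseHandle(token);
            }

            if (tokenDuplicate != IntPtr.Zero)
            {
                CloseHandle(tokenDuplicate);
            }
        }
    }

    /// <summary>
    /// Ends the impersonation started by impersonateValidUser; does nothing
    /// when no impersonation is active.
    /// </summary>
    private void undoImpersonation()
    {
        if (impersonationContext != null)
        {
            impersonationContext.Undo();
            impersonationContext = null;
        }
    }
}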