开发者

How do you get credentials (NetworkCredential) of currently logged in user?

开发者 https://www.devze.com 2022-12-20 20:42 出处:网络
I\'m writing some code to utilise a 3rd party component, and I need to supply an object which implements ICredentials when I start to use it.

I'm writing some code to utilise a 3rd party component, and I need to supply an object which implements ICredentials when I start to use it.

If I write the following...

var credential = new NetworkCredential("MyUsername", "MyPassword");

...and pass "cr开发者_如何转开发edential", it's fine. But I would like to pass the credentials of the current user (it's a Windows service, so runs as a specified user).

I have tried both of the following, but neither appear to work (or return anything):

NetworkCredential credential = System.Net.CredentialCache.DefaultCredentials;
NetworkCredential credential = CredentialCache.DefaultNetworkCredentials;

Can anyone suggest how to acquire an approriate object, which represents the credentials of the username that the service is running under ?

Thanks


have you tried WindowsIdentity.GetCurrent()?

you could also look at this example... http://www.codeproject.com/KB/vb/Windows_Service.aspx


You need to do impersonation, for example:

    System.Security.Principal.WindowsImpersonationContext impersonationContext;
impersonationContext = 
    ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();

//Insert your code that runs under the security context of the authenticating user here.

impersonationContext.Undo();

http://support.microsoft.com/kb/306158

Or you can use web.config:

<identity impersonate="true" />


The ideal security situation is that the password of a logged in user is not stored anywhere in memory. It is not stored anywhere on disk either. It exists only as a hash value to be compared against a string entered by a human being. Storing a password in clear is inherently a security risk and should be avoided whenever possible.

Given this principle, there is NO part of the operating system that even HAS your user's password in the clear, much less be willing to give it to you.


Unfortunately you have to interop with the WMI like this:

http://www.codeproject.com/Articles/28161/Using-WMI-to-manipulate-services-Install-Uninstall

The value you're looking to query for is StartName, which will evaluate to something like "NT Authority\NetworkService" (or whatever you're using). If you mash up the second part of this article with the first part getting it should be pretty straightforward.


Have you tried setting the principalpolicy for the appdomain at the start of the application?

AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

Setting this value before accessing the current principal object via the thread makes sure the windows identity is used in this object.

edit - I'm pretty sure this works for DefaultNetworkCredentials. I used it to access a web service with windows authentication from a windows forms app.


if you just want to run a process as the current user adds the verb: "runas " & Environment.UserName

If you want to run the process as admin just wrote "runas"

in vb.net

Dim ps As New System.Diagnostics.ProcessStartInfo("filepath", "arguments")

ps.Verb = "runas" 'run as admin

'ps.Verb = "runas " & Environment.UserName'run as current user, by default

Dim p As System.Diagnostics.Process = System.Diagnostics.Process.Start(ps)

if you want to get the current user password, you can not, in fact it is an unsafe practice. What right and for what purpose your service needs to get my Windows password secret? for example is like giving the pin code of your phone to whatsapp

0

精彩评论

暂无评论...
验证码 换一张
取 消