问题
I'm writing some code to utilise a 3rd party component, and I need to supply an object which implements ICredentials when I start to use it.
If I write the following...
var credential = new NetworkCredential("MyUsername", "MyPassword");
...and pass "credential", it's fine. But I would like to pass the credentials of the current user (it's a Windows service, so runs as a specified user).
I have tried both of the following, but neither appear to work (or return anything):
NetworkCredential credential = System.Net.CredentialCache.DefaultCredentials;
NetworkCredential credential = CredentialCache.DefaultNetworkCredentials;
Can anyone suggest how to acquire an approriate object, which represents the credentials of the username that the service is running under ?
Thanks
回答1:
have you tried WindowsIdentity.GetCurrent()?
you could also look at this example... http://www.codeproject.com/KB/vb/Windows_Service.aspx
回答2:
You need to do impersonation, for example:
System.Security.Principal.WindowsImpersonationContext impersonationContext;
impersonationContext =
((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();
//Insert your code that runs under the security context of the authenticating user here.
impersonationContext.Undo();
http://support.microsoft.com/kb/306158
Or you can use web.config:
<identity impersonate="true" />
回答3:
The ideal security situation is that the password of a logged in user is not stored anywhere in memory. It is not stored anywhere on disk either. It exists only as a hash value to be compared against a string entered by a human being. Storing a password in clear is inherently a security risk and should be avoided whenever possible.
Given this principle, there is NO part of the operating system that even HAS your user's password in the clear, much less be willing to give it to you.
回答4:
Unfortunately you have to interop with the WMI like this:
http://www.codeproject.com/Articles/28161/Using-WMI-to-manipulate-services-Install-Uninstall
The value you're looking to query for is StartName, which will evaluate to something like "NT Authority\NetworkService" (or whatever you're using). If you mash up the second part of this article with the first part getting it should be pretty straightforward.
回答5:
Have you tried setting the principalpolicy for the appdomain at the start of the application?
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
Setting this value before accessing the current principal object via the thread makes sure the windows identity is used in this object.
edit - I'm pretty sure this works for DefaultNetworkCredentials. I used it to access a web service with windows authentication from a windows forms app.
回答6:
if you just want to run a process as the current user adds the verb:
"runas " & Environment.UserName
If you want to run the process as admin just wrote "runas"
in vb.net
Dim ps As New System.Diagnostics.ProcessStartInfo("filepath", "arguments")
ps.Verb = "runas" 'run as admin
'ps.Verb = "runas " & Environment.UserName'run as current user, by default
Dim p As System.Diagnostics.Process = System.Diagnostics.Process.Start(ps)
if you want to get the current user password, you can not, in fact it is an unsafe practice. What right and for what purpose your service needs to get my Windows password secret? for example is like giving the pin code of your phone to whatsapp
来源:https://stackoverflow.com/questions/2319675/how-do-you-get-credentials-networkcredential-of-currently-logged-in-user