I am building an ASP.NET application. The application uses forms authentication. I am not using roles. However, my account has a flag associated with it that signals I am an administrator.
我正在构建一个ASP.NET应用程序。该应用程序使用表单身份验我没有使用角色。但是,我的帐户有一个与之关联的标志,表示我是管理员。
As an administrator, I would like to call another page in the application via Server.Execute. When I call this page though, I would like to call it as another one of the users in the application.
作为管理员,我想通过Server.Execute调用应用程序中的另一个页面。当我调用此页面时,我想将其称为应用程序中的另一个用户。
Is this possible? If so, how do I do it? I know how to run Server.Execute. It's the part of calling it as a different user that is causing me difficulties. I assume this can be done with impersonation. But I'm not sure how to do it.
这可能吗?如果是这样,我该怎么办?我知道如何运行Server.Execute。这是将其称为不同用户的一部分,这会给我带来困难。我认为这可以通过冒充来完成。但我不知道该怎么做。
Thank you!
1 个解决方案
#1
Before calling the page you just replace the current principal (admin) with the principal you want to impersonate (we're talking about ASP.Net impersonation, not Windows)
在调用页面之前,您只需将当前主体(admin)替换为您要模拟的主体(我们谈论的是ASP.Net模拟,而不是Windows)
var identity = new GenericIdentity("username");
//Roles get populated for username
var principal = new RolePrincipal(identity);
//Current thread now impersonated as "username"
Thread.CurrentThread.CurrentPrincipal = principal;
Server.Execute("whatever.aspx");
#1
Before calling the page you just replace the current principal (admin) with the principal you want to impersonate (we're talking about ASP.Net impersonation, not Windows)
在调用页面之前,您只需将当前主体(admin)替换为您要模拟的主体(我们谈论的是ASP.Net模拟,而不是Windows)
var identity = new GenericIdentity("username");
//Roles get populated for username
var principal = new RolePrincipal(identity);
//Current thread now impersonated as "username"
Thread.CurrentThread.CurrentPrincipal = principal;
Server.Execute("whatever.aspx");