【发布时间】:2011-02-20 18:22:58
【问题描述】:
我创建了 Impersonation 类,其中包括 WindowsIdentity 和 WindowsImpersonationContext,并且在服务运行一段时间后,我在身份验证应用程序中添加了 Impersonation,lsass.exe 进程消耗大量内存和 CPU,请问建议我如何解决这个问题?
public class Impersonation : IDisposable
{
#region external
// Declare signatures for Win32 LogonUser and CloseHandle APIs
[DllImport("advapi32.dll", SetLastError = true)]
static extern bool LogonUser(
string principal,
string authority,
string password,
LogonSessionType logonType,
LogonProvider logonProvider,
out IntPtr token);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr handle);
enum LogonSessionType : uint
{
Interactive = 2,
Network,
Batch,
Service,
NetworkCleartext = 8,
NewCredentials
}
enum LogonProvider : uint
{
Default = 0, // default for platform (use this!)
WinNT35, // sends smoke signals to authority
WinNT40, // uses NTLM
WinNT50 // negotiates Kerb or NTLM
}
#endregion
#region variables
private WindowsIdentity m_userWindowsID;
private WindowsImpersonationContext m_userImpersonationContext;
#endregion
public void LogonWindowsUser(string domain, string userLogin, string password)
{
IntPtr token;
// Create a token for DomainName\Bob
// Note: Credentials should be encrypted in configuration file
bool result = LogonUser(userLogin, domain, password,
LogonSessionType.NewCredentials,
LogonProvider.Default,
out token);
if (result)
{
m_userWindowsID = new WindowsIdentity(token);
}
}
public void ImpersonateUser()
{
if (m_userWindowsID == null)
{
throw new Exception("User is not loged on");
}
m_userImpersonationContext = m_userWindowsID.Impersonate();
}
#region IDisposable Members
public void Dispose()
{
if (m_userImpersonationContext != null)
{
m_userImpersonationContext.Undo();
m_userImpersonationContext.Dispose();
}
if (m_userWindowsID != null)
{
CloseHandle(m_userWindowsID.Token);
m_userWindowsID.Dispose();
//m_userWindowsID.Token = IntPtr.Zero;
}
}
#endregion
}
【问题讨论】:
-
能否贴出相关代码?
-
您检查过病毒吗?有一个病毒,将自身作为服务启动,名为 lsass.exe
标签: windows authentication impersonation