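Implementing USBkey Desktop Logon on Windows
Source: Internet  Editor: 程序博客网  Time: 2024/06/06 01:14
1 Local logon principles
1.1 Logon flow
1 The user presses Ctrl+Alt+Del, which activates Winlogon.exe
2 winlogon.exe checks the registry value MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/GinaDll; if it is absent, the default is msgina.dll
3 winlogon.exe calls the GINA
4 The GINA checks the user's state
5 If the user is not logged on, a dialog box prompts for the account name and password
6 The user enters the account name and password
7 The GINA passes the account name and password to the LSA for checking
8 The LSA compares the account name and password against the SAM
9 If they match, the user's SID is returned
10 The GINA returns the user's logon token
11 winlogon returns the user's logon desktop
1.2 SAS events
SAS messages are passed between Winlogon and the GINA. The GINA monitors for SAS events and notifies Winlogon of them through the WlxSasNotify function; when Winlogon receives a SAS, it calls the corresponding GINA handler function. (ms-help://MS.VSCC.v80/MS.MSDN.v80/MS.WIN32COM.v10.en/secauthn/security/interaction_between_winlogon_and_gina.htm):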
Workstation boot:
Winlogon calls the GINA's WlxNegotiate function to notify the GINA about the version of Winlogon in use.
Winlogon calls the GINA's WlxInitialize function to give the GINA the addresses of the support functions, a handle to Winlogon, and to obtain the context information for the GINA (to be used in all future calls to the GINA).
Winlogon is in the logged-out state.
No one is logged on:
(The GINA monitors devices for SAS events).
The GINA calls Winlogon's WlxSasNotify function when a SAS event has been received.
Winlogon calls the GINA's WlxLoggedOutSAS function, allowing the GINA to process a user's identification and authentication information.
When logon is successful, Winlogon is in the logged-on state.
The user is logged on:
(The GINA monitors devices for SAS events).
The GINA calls Winlogon's WlxSasNotify function when a SAS event has been received.
Winlogon calls the GINA's WlxLoggedOnSAS function, allowing the GINA to present options to the user who is currently logged on.
The user is logged on and wants to lock computer:
(The GINA monitors devices for SAS events).
The GINA calls the WlxSasNotify function.
Winlogon calls the GINA's WlxLoggedOnSAS function.
The GINA returns WLX_SAS_ACTION_LOCK_WKSTA.
Winlogon is in the workstation-locked state.
The user is logged on; the workstation is locked; and the user wants to unlock computer:
(The GINA monitors devices for SAS events).
The GINA calls the WlxSasNotify function.
Winlogon calls the GINA's WlxWkstaLockedSAS function.
The GINA returns WLX_SAS_ACTION_UNLOCK_WKSTA.
The user is logged on, and the program calls the ExitWindowsEx function:
Winlogon calls the GINA's WlxLogoff function.
The user is logged on and wants to log off using SAS:
(The GINA monitors devices for SAS events).
The GINA calls the WlxSasNotify function.
Winlogon calls the GINA's WlxLoggedOnSAS function.
The GINA returns WLX_SAS_ACTION_LOGOFF.
Winlogon calls the GINA's WlxLogoff function.
The user is logged on and wants to log off and shut down using ExitWindowsEx:
Winlogon calls the GINA's WlxLogoff function.
Winlogon calls the GINA's WlxShutdown function.
The user is logged on and wants to log off and shut down using SAS:
(The GINA monitors devices for SAS events).
The GINA calls the WlxSasNotify function.
Winlogon calls the GINA's WlxLoggedOnSAS function.
The GINA returns WLX_SAS_ACTION_SHUTDOWN.
Winlogon calls the GINA's WlxLogoff function.
Winlogon calls the GINA's WlxShutdown function.
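1.3 Logon state transitions
2 Domain logon principles
3 Implementing USBkey certificate logon
message = WM_DEVICECHANGE
lParam = (PDEV_BROADCAST_HDR)
USBkey insertion event:
wParam = DBT_DEVICEARRIVAL
USBkey removal event:
wParam = DBT_DEVICEREMOVECOMPLETE
Use the RegisterDeviceNotification function to register to receive hardware notification messages.
Implementation flow:
1 Install the USBkey driver and write the USBkey's logon certificate into the system registry
2 Implement the GINA, overriding WlxLoggedOutSAS, WlxLoggedOnSAS and the other functions; the GINA monitors USBkey insertion and removal events.
When the USBkey is inserted, check whether the current state is logged off or locked, and use the WlxSasNotify function to send Winlogon the WLX_SAS_ACTION_LOGON message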
3 Install the GINA by modifying the registry value MACHINE/Software/Microsoft/Windows NT/CurrentVersion/Winlogon/GinaDll
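
The dispatch logic behind step 2, combined with the state sequence from section 1.2, as an added example that is not code from the original article: a portable C model of which GINA entry point Winlogon calls for a USBkey event and which action the GINA returns. The enums are local stand-ins for the Windows SDK constants, and cert_ok (the result of validating the key's logon certificate) and the lock-on-removal policy are assumptions.

```c
/* Local stand-ins for the Windows SDK names, so this builds without the SDK. */
#include <stdio.h>
typedef enum { LOGGED_OUT, LOGGED_ON, LOCKED } WinlogonState;
typedef enum { DBT_DEVICEARRIVAL, DBT_DEVICEREMOVECOMPLETE } KeyEvent;
typedef enum { WLX_SAS_ACTION_NONE, WLX_SAS_ACTION_LOGON,
               WLX_SAS_ACTION_LOCK_WKSTA, WLX_SAS_ACTION_UNLOCK_WKSTA } SasAction;

/* GINA entry point Winlogon calls for a SAS in each state (section 1.2). */
const char *sas_handler(WinlogonState s) {
    switch (s) {
    case LOGGED_OUT: return "WlxLoggedOutSAS";
    case LOGGED_ON:  return "WlxLoggedOnSAS";
    default:         return "WlxWkstaLockedSAS";
    }
}

/* Action the GINA returns; cert_ok = result of a hypothetical certificate check. */
SasAction gina_action(WinlogonState s, KeyEvent ev, int cert_ok) {
    if (ev == DBT_DEVICEARRIVAL) {
        if (!cert_ok)        return WLX_SAS_ACTION_NONE; /* arrival is not authentication */
        if (s == LOGGED_OUT) return WLX_SAS_ACTION_LOGON;
        if (s == LOCKED)     return WLX_SAS_ACTION_UNLOCK_WKSTA;
        return WLX_SAS_ACTION_NONE;          /* already logged on: nothing to do */
    }
    /* Assumed policy: removing the key while logged on locks the workstation. */
    return s == LOGGED_ON ? WLX_SAS_ACTION_LOCK_WKSTA : WLX_SAS_ACTION_NONE;
}

/* State Winlogon is in after acting on the returned action. */
WinlogonState next_state(WinlogonState s, SasAction a) {
    switch (a) {
    case WLX_SAS_ACTION_LOGON:
    case WLX_SAS_ACTION_UNLOCK_WKSTA: return LOGGED_ON;
    case WLX_SAS_ACTION_LOCK_WKSTA:   return LOCKED;
    default:                          return s;
    }
}

int main(void) {
    /* Constructed sequence: insert, remove, insert (bad certificate), insert. */
    KeyEvent ev[] = { DBT_DEVICEARRIVAL, DBT_DEVICEREMOVECOMPLETE, DBT_DEVICEARRIVAL, DBT_DEVICEARRIVAL };
    int ok[] = { 1, 1, 0, 1 };
    WinlogonState s = LOGGED_OUT;
    for (int i = 0; i < 4; i++) {
        SasAction a = gina_action(s, ev[i], ok[i]);
        printf("%-17s action=%d\n", sas_handler(s), (int)a);
        s = next_state(s, a);
    }
    return 0;
}
```

In a real GINA the insertion and removal events arrive as WM_DEVICECHANGE messages, and the returned action is the value handed back from the Wlx*SAS function that Winlogon called.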