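/// @brief GINA logged-out SAS handler: shows the Clogin dialog and, on IDOK,
///        attempts an interactive logon with the credentials that were typed.
///
/// @param pWlxContext       GINA context pointer (not used by this function).
/// @param dwSasType         SAS type; only WLX_SAS_TYPE_CTRL_ALT_DEL is accepted.
/// @param pAuthenticationId Passed through to SecurityHelper::CallLsaLogonUser.
/// @param pLogonSid         Buffer that SecurityHelper::GetLogonSid fills in.
/// @param pdwOptions        Set to 0 (WinLogon loads the user profile).
/// @param phToken           Receives the logon token; closed and reset to 0 on failure.
/// @param pNprNotifyInfo    Zeroed, then filled with copies of user/domain/password
///                          for network providers on success.
/// @param pProfile          Set to 0 (no custom profile path).
/// @return WLX_SAS_ACTION_LOGON on success, WLX_SAS_ACTION_SHUTDOWN when the dialog
///         ended with login.bCLOSE set, otherwise WLX_SAS_ACTION_NONE.
///
/// Security notes:
///  - The dialog fields are untrusted input; they are length-checked before being
///    copied into the fixed 255-character stack buffers.
///  - The plaintext password buffer is wiped on every exit path, not only when the
///    logon call fails.
///  - NOTE(review): theApp.MyPass still holds the plaintext password after this
///    function returns. Other code may rely on it, so it is left in place here;
///    confirm whether it can be cleared once the logon attempt is over.
int WINAPI WlxLoggedOutSAS(PVOID pWlxContext, DWORD dwSasType, PLUID pAuthenticationId, PSID pLogonSid, PDWORD pdwOptions, PHANDLE phToken, PWLX_MPR_NOTIFY_INFO pNprNotifyInfo, PVOID *pProfile)
{
    Clogin login;
    wchar_t pwszUser[255];
    wchar_t pwszDomain[255];
    wchar_t pwszPassword[255];
    //PGINA_CONTEXT pgContext = (PGINA_CONTEXT) pWlxContext;

    // The dialog result decides everything below; nothing has been authenticated yet.
    const INT_PTR nRet = login.DoModal();

    switch (nRet)
    {
    case -1:
        AfxMessageBox(_T("Dialog box could not be created!"));
        return WLX_SAS_ACTION_NONE;

    case IDOK:
    {
        int action = WLX_SAS_ACTION_NONE;
        bool success = false;

        theApp.MyUser = login.m_user;
        theApp.MyPass = login.m_pass;
        theApp.MyDomain = login.m_domain;
        if (theApp.MyDomain == "") theApp.MyDomain = ".";

        // Reject over-long input instead of overrunning the stack buffers:
        // each field must fit in its buffer including the terminating NUL.
        const size_t cchField = sizeof pwszUser / sizeof *pwszUser;
        if (static_cast<size_t>(theApp.MyUser.GetLength()) >= cchField ||
            static_cast<size_t>(theApp.MyPass.GetLength()) >= cchField ||
            static_cast<size_t>(theApp.MyDomain.GetLength()) >= cchField) {
            AfxMessageBox(_T("User name, domain or password is too long."));
            return WLX_SAS_ACTION_NONE;
        }
        wcscpy_s(pwszUser, cchField, theApp.MyUser);
        wcscpy_s(pwszPassword, cchField, theApp.MyPass);
        wcscpy_s(pwszDomain, cchField, theApp.MyDomain);

        ZeroMemory(pNprNotifyInfo, sizeof *pNprNotifyInfo);
        *pdwOptions = 0; // we always let WinLogon load the user profile for us
        *pProfile = 0;   // simple kiosk example doesn't worry about custom profile paths

        if (WLX_SAS_TYPE_CTRL_ALT_DEL != dwSasType) {
            // wipe the whole buffer, not just the current string length
            SecureZeroMemory(pwszPassword, sizeof pwszPassword);
            LDB1(L"WARNING: Unrecognized SAS type: %d", dwSasType);
            return WLX_SAS_ACTION_NONE;
        }

        // attempt the login
        DWORD win32Error;
        // Named differently from the pProfile parameter, which the original local shadowed.
        // NOTE(review): this buffer is never released in this function. If
        // CallLsaLogonUser hands back the LSA-allocated profile buffer, it
        // presumably needs LsaFreeReturnBuffer - confirm against the helper.
        MSV1_0_INTERACTIVE_PROFILE* pLsaProfile = 0;
        if (!SecurityHelper::CallLsaLogonUser(theApp.hLsa,
                                              pwszDomain, pwszUser, pwszPassword,
                                              Interactive,
                                              pAuthenticationId, phToken,
                                              &pLsaProfile, &win32Error)) {
            // as soon as we're done with the password, zero out the buffer
            // to reduce the window of time it's in memory as plaintext
            SecureZeroMemory(pwszPassword, sizeof pwszPassword);
            // logon shouldn't fail at runtime, but if it does,
            // let somebody know instead of just cycling forever
            wchar_t msg[256];
            // NOTE(review): the listing showed this call garbled as
            // "Log:ookupErrorMessage"; restored as Log::LookupErrorMessage -
            // confirm against the project's Log class.
            Log::LookupErrorMessage(msg, sizeof msg / sizeof *msg, win32Error);
            MessageBox(0, msg, L"Logon Message", MB_ICONEXCLAMATION);
            return WLX_SAS_ACTION_NONE;
        }

        // Assume that WinLogon provides a buffer large enough to hold a logon SID,
        // which is of fixed length. It'd be nice if WinLogon would tell us how big
        // its buffer actually was, but it appears this is assumed.
        if (SecurityHelper::GetLogonSid(*phToken, pLogonSid, LOGON_SID_SIZE)) {
            // copy login information for network providers
            pNprNotifyInfo->pszUserName = _localAllocString(pwszUser);
            pNprNotifyInfo->pszDomain = _localAllocString(pwszDomain);
            pNprNotifyInfo->pszPassword = _localAllocString(pwszPassword);
            if (pNprNotifyInfo->pszUserName &&
                pNprNotifyInfo->pszDomain &&
                pNprNotifyInfo->pszPassword) {
                success = true;
                action = WLX_SAS_ACTION_LOGON;
            }
        }

        // The stack copy of the password is no longer needed on any path from here.
        SecureZeroMemory(pwszPassword, sizeof pwszPassword);

        if (success) {
            // GINA caches a copy of the interactive user's token
            theApp._hToken = *phToken;
        }
        else {
            // Don't leave partial credential copies behind when the logon is abandoned.
            // Assumes _localAllocString allocates with LocalAlloc, which is what the
            // notify-info contract expects - TODO confirm.
            if (pNprNotifyInfo->pszPassword) {
                SecureZeroMemory(pNprNotifyInfo->pszPassword,
                                 wcslen(pNprNotifyInfo->pszPassword) * sizeof(wchar_t));
            }
            LocalFree(pNprNotifyInfo->pszUserName);
            LocalFree(pNprNotifyInfo->pszDomain);
            LocalFree(pNprNotifyInfo->pszPassword);
            ZeroMemory(pNprNotifyInfo, sizeof *pNprNotifyInfo);

            CloseHandle(*phToken);
            *phToken = 0;
        }
        return action;
    }

    case IDCANCEL:
        return WLX_SAS_ACTION_NONE;

    default:
        if (login.bCLOSE == TRUE)
        {
            return WLX_SAS_ACTION_SHUTDOWN;
        }
        return WLX_SAS_ACTION_NONE;
    }
}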
本文转自
http://www.fdu.org.cn/viewthread-2492.html