Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Principal / WindowsPrincipal.cs / 1305376 / WindowsPrincipal.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
//
// WindowsPrincipal.cs
//
// Group membership checks.
//
namespace System.Security.Principal
{
using Microsoft.Win32;
using Microsoft.Win32.SafeHandles;
using System.Runtime.InteropServices;
using System.Security.Permissions;
using System.Diagnostics.Contracts;
using Hashtable = System.Collections.Hashtable;
[Serializable]
[ComVisible(true)]
public enum WindowsBuiltInRole {
Administrator = 0x220,
User = 0x221,
Guest = 0x222,
PowerUser = 0x223,
AccountOperator = 0x224,
SystemOperator = 0x225,
PrintOperator = 0x226,
BackupOperator = 0x227,
Replicator = 0x228
}
[Serializable]
[HostProtection(SecurityInfrastructure=true)]
[ComVisible(true)]
public class WindowsPrincipal : IPrincipal {
private WindowsIdentity m_identity = null;
// Following 3 fields are present purely for serialization compatability with Everett: not used in Whidbey
#pragma warning disable 169
private String[] m_roles;
private Hashtable m_rolesTable;
private bool m_rolesLoaded;
#pragma warning restore 169
//
// Constructors.
//
private WindowsPrincipal () {}
public WindowsPrincipal (WindowsIdentity ntIdentity) {
if (ntIdentity == null)
throw new ArgumentNullException("ntIdentity");
Contract.EndContractBlock();
m_identity = ntIdentity;
}
//
// Properties.
//
public virtual IIdentity Identity {
get {
return m_identity;
}
}
//
// Public methods.
//
[SecuritySafeCritical]
[SecurityPermission(SecurityAction.Demand, ControlPrincipal = true)]
public virtual bool IsInRole (string role) {
if (role == null || role.Length == 0)
return false;
NTAccount ntAccount = new NTAccount(role);
IdentityReferenceCollection source = new IdentityReferenceCollection(1);
source.Add(ntAccount);
IdentityReferenceCollection target = NTAccount.Translate(source, typeof(SecurityIdentifier), false);
SecurityIdentifier sid = target[0] as SecurityIdentifier;
if (sid == null)
return false;
return IsInRole(sid);
}
public virtual bool IsInRole (WindowsBuiltInRole role) {
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)role), "role");
Contract.EndContractBlock();
return IsInRole((int) role);
}
public virtual bool IsInRole (int rid) {
SecurityIdentifier sid = new SecurityIdentifier(IdentifierAuthority.NTAuthority,
new int[] {Win32Native.SECURITY_BUILTIN_DOMAIN_RID, rid});
return IsInRole(sid);
}
// This methods (with a SID parameter) is more general than the 2 overloads that accept a WindowsBuiltInRole or
// a rid (as an int). It is also better from a performance standpoint than the overload that accepts a string.
// The aformentioned overloads remain in this class since we do not want to introduce a
// breaking change. However, this method should be used in all new applications and we should document this.
[System.Security.SecuritySafeCritical] // auto-generated
[ComVisible(false)]
public virtual bool IsInRole (SecurityIdentifier sid) {
if (sid == null)
throw new ArgumentNullException("sid");
Contract.EndContractBlock();
// special case the anonymous identity.
if (m_identity.TokenHandle.IsInvalid)
return false;
// CheckTokenMembership expects an impersonation token
SafeTokenHandle token = SafeTokenHandle.InvalidHandle;
if (m_identity.ImpersonationLevel == TokenImpersonationLevel.None) {
if (!Win32Native.DuplicateTokenEx(m_identity.TokenHandle,
(uint) TokenAccessLevels.Query,
IntPtr.Zero,
(uint) TokenImpersonationLevel.Identification,
(uint) TokenType.TokenImpersonation,
ref token))
throw new SecurityException(Win32Native.GetMessage(Marshal.GetLastWin32Error()));
}
bool isMember = false;
// CheckTokenMembership will check if the SID is both present and enabled in the access token.
if (!Win32Native.CheckTokenMembership((m_identity.ImpersonationLevel != TokenImpersonationLevel.None ? m_identity.TokenHandle : token),
sid.BinaryForm,
ref isMember))
throw new SecurityException(Win32Native.GetMessage(Marshal.GetLastWin32Error()));
token.Dispose();
return isMember;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
//
// WindowsPrincipal.cs
//
// Group membership checks.
//
namespace System.Security.Principal
{
using Microsoft.Win32;
using Microsoft.Win32.SafeHandles;
using System.Runtime.InteropServices;
using System.Security.Permissions;
using System.Diagnostics.Contracts;
using Hashtable = System.Collections.Hashtable;
[Serializable]
[ComVisible(true)]
public enum WindowsBuiltInRole {
Administrator = 0x220,
User = 0x221,
Guest = 0x222,
PowerUser = 0x223,
AccountOperator = 0x224,
SystemOperator = 0x225,
PrintOperator = 0x226,
BackupOperator = 0x227,
Replicator = 0x228
}
[Serializable]
[HostProtection(SecurityInfrastructure=true)]
[ComVisible(true)]
public class WindowsPrincipal : IPrincipal {
private WindowsIdentity m_identity = null;
// Following 3 fields are present purely for serialization compatability with Everett: not used in Whidbey
#pragma warning disable 169
private String[] m_roles;
private Hashtable m_rolesTable;
private bool m_rolesLoaded;
#pragma warning restore 169
//
// Constructors.
//
private WindowsPrincipal () {}
public WindowsPrincipal (WindowsIdentity ntIdentity) {
if (ntIdentity == null)
throw new ArgumentNullException("ntIdentity");
Contract.EndContractBlock();
m_identity = ntIdentity;
}
//
// Properties.
//
public virtual IIdentity Identity {
get {
return m_identity;
}
}
//
// Public methods.
//
[SecuritySafeCritical]
[SecurityPermission(SecurityAction.Demand, ControlPrincipal = true)]
public virtual bool IsInRole (string role) {
if (role == null || role.Length == 0)
return false;
NTAccount ntAccount = new NTAccount(role);
IdentityReferenceCollection source = new IdentityReferenceCollection(1);
source.Add(ntAccount);
IdentityReferenceCollection target = NTAccount.Translate(source, typeof(SecurityIdentifier), false);
SecurityIdentifier sid = target[0] as SecurityIdentifier;
if (sid == null)
return false;
return IsInRole(sid);
}
public virtual bool IsInRole (WindowsBuiltInRole role) {
if (role < WindowsBuiltInRole.Administrator || role > WindowsBuiltInRole.Replicator)
throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)role), "role");
Contract.EndContractBlock();
return IsInRole((int) role);
}
public virtual bool IsInRole (int rid) {
SecurityIdentifier sid = new SecurityIdentifier(IdentifierAuthority.NTAuthority,
new int[] {Win32Native.SECURITY_BUILTIN_DOMAIN_RID, rid});
return IsInRole(sid);
}
// This methods (with a SID parameter) is more general than the 2 overloads that accept a WindowsBuiltInRole or
// a rid (as an int). It is also better from a performance standpoint than the overload that accepts a string.
// The aformentioned overloads remain in this class since we do not want to introduce a
// breaking change. However, this method should be used in all new applications and we should document this.
[System.Security.SecuritySafeCritical] // auto-generated
[ComVisible(false)]
public virtual bool IsInRole (SecurityIdentifier sid) {
if (sid == null)
throw new ArgumentNullException("sid");
Contract.EndContractBlock();
// special case the anonymous identity.
if (m_identity.TokenHandle.IsInvalid)
return false;
// CheckTokenMembership expects an impersonation token
SafeTokenHandle token = SafeTokenHandle.InvalidHandle;
if (m_identity.ImpersonationLevel == TokenImpersonationLevel.None) {
if (!Win32Native.DuplicateTokenEx(m_identity.TokenHandle,
(uint) TokenAccessLevels.Query,
IntPtr.Zero,
(uint) TokenImpersonationLevel.Identification,
(uint) TokenType.TokenImpersonation,
ref token))
throw new SecurityException(Win32Native.GetMessage(Marshal.GetLastWin32Error()));
}
bool isMember = false;
// CheckTokenMembership will check if the SID is both present and enabled in the access token.
if (!Win32Native.CheckTokenMembership((m_identity.ImpersonationLevel != TokenImpersonationLevel.None ? m_identity.TokenHandle : token),
sid.BinaryForm,
ref isMember))
throw new SecurityException(Win32Native.GetMessage(Marshal.GetLastWin32Error()));
token.Dispose();
return isMember;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ContextBase.cs
- FtpWebResponse.cs
- ContainerControl.cs
- XPathNodeList.cs
- AmbientValueAttribute.cs
- FastEncoderWindow.cs
- DocumentStream.cs
- TraceContext.cs
- VisualTarget.cs
- SafeEventHandle.cs
- MenuItemStyleCollection.cs
- OleDbMetaDataFactory.cs
- HandlerBase.cs
- CalloutQueueItem.cs
- DLinqTableProvider.cs
- VarRefManager.cs
- OletxVolatileEnlistment.cs
- FilterElement.cs
- SecurityDocument.cs
- MemoryMappedFile.cs
- DebugInfoGenerator.cs
- OdbcConnectionHandle.cs
- BamlTreeUpdater.cs
- ButtonBase.cs
- XmlEnumAttribute.cs
- MethodAccessException.cs
- MatrixValueSerializer.cs
- ContentPlaceHolder.cs
- WindowsAuthenticationEventArgs.cs
- OleDbRowUpdatedEvent.cs
- RepeatBehaviorConverter.cs
- DbException.cs
- Point3DCollectionConverter.cs
- DataGridComboBoxColumn.cs
- DataTablePropertyDescriptor.cs
- AsyncInvokeOperation.cs
- ManagedIStream.cs
- QilNode.cs
- Timer.cs
- NumberSubstitution.cs
- Win32Interop.cs
- WmlCalendarAdapter.cs
- CodeTypeReferenceSerializer.cs
- TypedTableBaseExtensions.cs
- InvalidContentTypeException.cs
- activationcontext.cs
- IdleTimeoutMonitor.cs
- ToolStripDropDownClosingEventArgs.cs
- BamlLocalizationDictionary.cs
- DataBoundLiteralControl.cs
- StringArrayConverter.cs
- Permission.cs
- ConnectionManagementElementCollection.cs
- InputQueueChannelAcceptor.cs
- autovalidator.cs
- FormViewDesigner.cs
- BamlLocalizer.cs
- InkCanvasFeedbackAdorner.cs
- MobileResource.cs
- PrimaryKeyTypeConverter.cs
- ColorTransform.cs
- UshortList2.cs
- D3DImage.cs
- InvokeProviderWrapper.cs
- ADMembershipProvider.cs
- CardSpacePolicyElement.cs
- DecimalAnimationUsingKeyFrames.cs
- DynamicValidator.cs
- BooleanFunctions.cs
- Convert.cs
- ProcessProtocolHandler.cs
- NavigationPropertyEmitter.cs
- QuaternionKeyFrameCollection.cs
- CompositeFontInfo.cs
- ProfileSettingsCollection.cs
- ListManagerBindingsCollection.cs
- BitmapEffectOutputConnector.cs
- DupHandleConnectionReader.cs
- SiteMapHierarchicalDataSourceView.cs
- CharEnumerator.cs
- ContractAdapter.cs
- RoutedUICommand.cs
- EFDataModelProvider.cs
- wmiprovider.cs
- _SingleItemRequestCache.cs
- ProxyManager.cs
- DispatcherExceptionEventArgs.cs
- StrokeNodeOperations2.cs
- PageCatalogPart.cs
- DataSourceView.cs
- XmlBinaryWriterSession.cs
- PeerContact.cs
- SourceLineInfo.cs
- PageClientProxyGenerator.cs
- ADMembershipUser.cs
- AmbientEnvironment.cs
- MarshalByRefObject.cs
- CodePrimitiveExpression.cs
- ScriptManager.cs
- ProviderSettings.cs