Export (0) Print
Expand All

WindowsIdentity Class

Represents a Windows user.

Namespace: System.Security.Principal
Assembly: mscorlib (in mscorlib.dll)

[SerializableAttribute] 
[ComVisibleAttribute(true)] 
public class WindowsIdentity : IIdentity, ISerializable, IDeserializationCallback, 
	IDisposable
/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public class WindowsIdentity implements IIdentity, ISerializable, 
	IDeserializationCallback, IDisposable
SerializableAttribute 
ComVisibleAttribute(true) 
public class WindowsIdentity implements IIdentity, ISerializable, 
	IDeserializationCallback, IDisposable

Call the GetCurrent method to create a WindowsIdentity object that represents the current user.

The following example shows the use of members of WindowsIdentity class. For an example showing how to obtain a Windows account token through a call to the unmanaged Win32 LogonUser function, and use that token to impersonate another user, see the WindowsImpersonationContext class.

using System;
using System.Security.Principal;

class WindowsIdentityMembers
{
    [STAThread]
    static void Main(string[] args)
    {
        // Retrieve the Windows account token for the current user.
        IntPtr logonToken = LogonUser();

        // Constructor implementations.
        IntPtrConstructor(logonToken);
        IntPtrStringConstructor(logonToken);
        IntPtrStringTypeConstructor(logonToken);
        IntPrtStringTypeBoolConstructor(logonToken);

        // Property implementations.
        UseProperties(logonToken);

        // Method implementations.
        GetAnonymousUser();
        ImpersonateIdentity(logonToken);

        Console.WriteLine("This sample completed successfully; " +
            "press Enter to exit.");
        Console.ReadLine();
    }

    // Create a WindowsIdentity object for the user represented by the
    // specified Windows account token.
    private static void IntPtrConstructor(IntPtr logonToken)
    {
        // Construct a WindowsIdentity object using the input account token.
        WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);

        Console.WriteLine("Created a Windows identity object named " +
            windowsIdentity.Name + ".");
    }

 
    // Create a WindowsIdentity object for the user represented by the
    // specified account token and authentication type.
    private static void IntPtrStringConstructor(IntPtr logonToken)
    {
        // Construct a WindowsIdentity object using the input account token 
        // and the specified authentication type.
        string authenticationType = "WindowsAuthentication";
        WindowsIdentity windowsIdentity =
            new WindowsIdentity(logonToken, authenticationType);

        Console.WriteLine("Created a Windows identity object named " +
            windowsIdentity.Name + ".");
    }

    // Create a WindowsIdentity object for the user represented by the
    // specified account token, authentication type, and Windows account
    // type.
    private static void IntPtrStringTypeConstructor(IntPtr logonToken)
    {
        // Construct a WindowsIdentity object using the input account token,
        // and the specified authentication type, and Windows account type.
        string authenticationType = "WindowsAuthentication";
        WindowsAccountType guestAccount = WindowsAccountType.Guest;
        WindowsIdentity windowsIdentity =
            new WindowsIdentity(logonToken, authenticationType, guestAccount);

        Console.WriteLine("Created a Windows identity object named " +
            windowsIdentity.Name + ".");
    }

    // Create a WindowsIdentity object for the user represented by the
    // specified account token, authentication type, Windows account type, and
    // Boolean authentication flag.
    private static void IntPrtStringTypeBoolConstructor(IntPtr logonToken)
    {
        // Construct a WindowsIdentity object using the input account token,
        // and the specified authentication type, Windows account type, and
        // authentication flag.
        string authenticationType = "WindowsAuthentication";
        WindowsAccountType guestAccount = WindowsAccountType.Guest;
        bool isAuthenticated = true;
        WindowsIdentity windowsIdentity = new WindowsIdentity(
            logonToken, authenticationType, guestAccount, isAuthenticated);

        Console.WriteLine("Created a Windows identity object named " +
            windowsIdentity.Name + ".");
    }

    // Access the properties of a WindowsIdentity object.
    private static void UseProperties(IntPtr logonToken)
    {
        WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
        string propertyDescription = "The Windows identity named ";

        // Retrieve the Windows logon name from the Windows identity object.
        propertyDescription += windowsIdentity.Name;

        // Verify that the user account is not considered to be an Anonymous
        // account by the system.
        if (!windowsIdentity.IsAnonymous)
        {
            propertyDescription += " is not an Anonymous account";
        }

        // Verify that the user account has been authenticated by Windows.
        if (windowsIdentity.IsAuthenticated)
        {
            propertyDescription += ", is authenticated";
        }

        // Verify that the user account is considered to be a System account
        // by the system.
        if (windowsIdentity.IsSystem)
        {
            propertyDescription += ", is a System account";
        }

        // Verify that the user account is considered to be a Guest account
        // by the system.
        if (windowsIdentity.IsGuest)
        {
            propertyDescription += ", is a Guest account";
        }

        // Retrieve the authentication type for the 
        String authenticationType = windowsIdentity.AuthenticationType;

        // Append the authenication type to the output message.
        if (authenticationType != null)
        {
            propertyDescription += (" and uses " + authenticationType);
            propertyDescription += (" authentication type.");
        }

        Console.WriteLine(propertyDescription);

        // Display the SID for the owner.
        Console.Write("The SID for the owner is : ");
        SecurityIdentifier si = windowsIdentity.Owner;
        Console.WriteLine(si.ToString());
        // Display the SIDs for the groups the current user belongs to.
        Console.WriteLine("Display the SIDs for the groups the current user belongs to.");
        IdentityReferenceCollection irc = windowsIdentity.Groups;
        foreach (IdentityReference ir in irc)
            Console.WriteLine(ir.Value);
        TokenImpersonationLevel token = windowsIdentity.ImpersonationLevel;
        Console.WriteLine("The impersonation level for the current user is : " + token.ToString());
    }

    // Retrieve the account token from the current WindowsIdentity object
    // instead of calling the unmanaged LogonUser method in the advapi32.dll.
    private static IntPtr LogonUser()
    {
        IntPtr accountToken = WindowsIdentity.GetCurrent().Token;
        Console.WriteLine( "Token number is: " + accountToken.ToString());

        return accountToken;
    }

    // Get the WindowsIdentity object for an Anonymous user.
    private static void GetAnonymousUser()
    {
        // Retrieve a WindowsIdentity object that represents an anonymous
        // Windows user.
        WindowsIdentity windowsIdentity = WindowsIdentity.GetAnonymous();
    }

    // Impersonate a Windows identity.
    private static void ImpersonateIdentity(IntPtr logonToken)
    {
        // Retrieve the Windows identity using the specified token.
        WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);

        // Create a WindowsImpersonationContext object by impersonating the
        // Windows identity.
        WindowsImpersonationContext impersonationContext =
            windowsIdentity.Impersonate();

        Console.WriteLine("Name of the identity after impersonation: "
            + WindowsIdentity.GetCurrent().Name + ".");
        Console.WriteLine(windowsIdentity.ImpersonationLevel);
        // Stop impersonating the user.
        impersonationContext.Undo();

        // Check the identity name.
        Console.Write("Name of the identity after performing an Undo on the");
        Console.WriteLine(" impersonation: " +
            WindowsIdentity.GetCurrent().Name);
    }
}


import System.*;
import System.Security.Principal.*;

class WindowsIdentityMembers
{
	/** @attribute STAThread()
	 */
	public static void main(String[] args)
	{
		// Retrieve the Windows account token for the current user.
		IntPtr logonToken = LogonUser();
		// Constructor implementations.
		IntPtrConstructor(logonToken);
		IntPtrStringConstructor(logonToken);
		IntPtrStringTypeConstructor(logonToken);
		IntPrtStringTypeBoolConstructor(logonToken);
		// Property implementations.
		UseProperties(logonToken);
		// Method implementations.
		GetAnonymousUser();
		ImpersonateIdentity(logonToken);

		Console.WriteLine("This sample completed successfully; "
			+ "press Enter to exit.");
		Console.ReadLine();
	} //main

	// Create a WindowsIdentity object for the user represented by the
	// specified Windows account token.
	private static void IntPtrConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token.
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token and authentication type.
	private static void IntPtrStringConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token 
		// and the specified authentication type.
		String authenticationType = "WindowsAuthentication";
		WindowsIdentity windowsIdentity =
			new WindowsIdentity(logonToken, authenticationType);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrStringConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token, authentication type, and Windows account
	// type.
	private static void IntPtrStringTypeConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token,
		// and the specified authentication type, and Windows account type.
		String authenticationType = "WindowsAuthentication";
		WindowsAccountType guestAccount = WindowsAccountType.Guest;
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken,
			authenticationType, guestAccount);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrStringTypeConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token, authentication type, Windows account type, and
	// Boolean authentication flag.
	private static void IntPrtStringTypeBoolConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token,
		// and the specified authentication type, Windows account type, and
		// authentication flag.
		String authenticationType = "WindowsAuthentication";
		WindowsAccountType guestAccount = WindowsAccountType.Guest;
		boolean isAuthenticated = true;
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken,
			authenticationType, guestAccount, isAuthenticated);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPrtStringTypeBoolConstructor

	// Access the properties of a WindowsIdentity object.
	private static void UseProperties(IntPtr logonToken)
	{
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		String propertyDescription = "The Windows identity named ";
		// Retrieve the Windows logon name from the Windows identity object.
		propertyDescription += windowsIdentity.get_Name();
		// Verify that the user account is not considered to be an Anonymous
		// account by the system.
		if (!(windowsIdentity.get_IsAnonymous()))
		{
			propertyDescription += " is not an Anonymous account";
		}
		// Verify that the user account has been authenticated by Windows.
		if (windowsIdentity.get_IsAuthenticated())
		{
			propertyDescription += ", is authenticated";
		}
		// Verify that the user account is considered to be a System account
		// by the system.
		if (windowsIdentity.get_IsSystem())
		{
			propertyDescription += ", is a System account";
		}
		// Verify that the user account is considered to be a Guest account
		// by the system.
		if (windowsIdentity.get_IsGuest())
		{
			propertyDescription += ", is a Guest account";
		}
		// Retrieve the authentication type for the 
		String authenticationType = windowsIdentity.get_AuthenticationType();
		// Append the authenication type to the output message.
		if (authenticationType != null)
		{
			propertyDescription += " and uses " + authenticationType;
			propertyDescription += " authentication type.";
		}

		Console.WriteLine(propertyDescription);

	} //UseProperties

	// Retrieve the account token from the current WindowsIdentity object
	// instead of calling the unmanaged LogonUser method in the advapi32.dll.
	private static IntPtr LogonUser()
	{
		IntPtr accountToken = WindowsIdentity.GetCurrent().get_Token();
		return accountToken;
	} //LogonUser

	// Get the WindowsIdentity object for an Anonymous user.
	private static void GetAnonymousUser()
	{
		// Retrieve a WindowsIdentity object that represents an anonymous
		// Windows user.
		WindowsIdentity windowsIdentity = WindowsIdentity.GetAnonymous();
	} //GetAnonymousUser

	// Impersonate a Windows identity.
	private static void ImpersonateIdentity(IntPtr logonToken)
	{
		// Retrieve the Windows identity using the specified token.
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		// Create a WindowsImpersonationContext object by impersonating the
		// Windows identity.
		WindowsImpersonationContext impersonationContext
			= windowsIdentity.Impersonate();

		Console.WriteLine("Name of the identity after impersonation: "
			+ WindowsIdentity.GetCurrent().get_Name() + ".");
		// Stop impersonating the user.
		impersonationContext.Undo();
		// Check the identity name.
		Console.Write("Name of the identity after performing an Undo on the");
		Console.WriteLine(" impersonation: "
			+ WindowsIdentity.GetCurrent().get_Name());
	} //ImpersonateIdentity
} //WindowsIdentityMembers


System.Object
  System.Security.Principal.WindowsIdentity

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0, 1.1, 1.0

Community Additions

ADD
Show:
© 2014 Microsoft