Export (0) Print
Expand All
1 out of 4 rated this helpful - Rate this topic

WindowsIdentity Class

Represents a Windows user.

System::Object
  System.Security.Claims::ClaimsIdentity
    System.Security.Principal::WindowsIdentity

Namespace:  System.Security.Principal
Assembly:  mscorlib (in mscorlib.dll)
[SerializableAttribute]
[ComVisibleAttribute(true)]
public ref class WindowsIdentity : public ClaimsIdentity, 
	ISerializable, IDeserializationCallback, IDisposable

The WindowsIdentity type exposes the following members.

  NameDescription
Public methodWindowsIdentity(IntPtr)Initializes a new instance of the WindowsIdentity class for the user represented by the specified Windows account token.
Public methodWindowsIdentity(String)Initializes a new instance of the WindowsIdentity class for the user represented by the specified User Principal Name (UPN).
Protected methodWindowsIdentity(WindowsIdentity)Initializes a new instance of the WindowsIdentity class by using the specified WindowsIdentity object.
Public methodWindowsIdentity(IntPtr, String)Initializes a new instance of the WindowsIdentity class for the user represented by the specified Windows account token and the specified authentication type.
Public methodWindowsIdentity(SerializationInfo, StreamingContext)Initializes a new instance of the WindowsIdentity class for the user represented by information in a SerializationInfo stream.
Public methodWindowsIdentity(String, String)Initializes a new instance of the WindowsIdentity class for the user represented by the specified User Principal Name (UPN) and the specified authentication type.
Public methodWindowsIdentity(IntPtr, String, WindowsAccountType)Initializes a new instance of the WindowsIdentity class for the user represented by the specified Windows account token, the specified authentication type, and the specified Windows account type.
Public methodWindowsIdentity(IntPtr, String, WindowsAccountType, Boolean)Initializes a new instance of the WindowsIdentity class for the user represented by the specified Windows account token, the specified authentication type, the specified Windows account type, and the specified authentication status.
Top
  NameDescription
Public propertyActorGets or sets the identity of the calling party that was granted delegation rights. (Inherited from ClaimsIdentity.)
Public propertyAuthenticationTypeGets the type of authentication used to identify the user. (Overrides ClaimsIdentity::AuthenticationType.)
Public propertyBootstrapContextGets or sets the token that was used to create this claims identity. (Inherited from ClaimsIdentity.)
Public propertyClaimsGets all claims for the user represented by this Windows identity. (Overrides ClaimsIdentity::Claims.)
Public propertyDeviceClaimsGets claims that have the ClaimTypes::WindowsDeviceClaim property key.
Public propertyGroupsGets the groups the current Windows user belongs to.
Public propertyImpersonationLevelGets the impersonation level for the user.
Public propertyIsAnonymousGets a value that indicates whether the user account is identified as an anonymous account by the system.
Public propertyIsAuthenticatedGets a value indicating whether the user has been authenticated by Windows. (Overrides ClaimsIdentity::IsAuthenticated.)
Public propertyIsGuestGets a value indicating whether the user account is identified as a Guest account by the system.
Public propertyIsSystemGets a value indicating whether the user account is identified as a System account by the system.
Public propertyLabelGets or sets the label for this claims identity. (Inherited from ClaimsIdentity.)
Public propertyNameGets the user's Windows logon name. (Overrides ClaimsIdentity::Name.)
Public propertyNameClaimTypeGets the claim type that is used to determine which claims provide the value for the Name property of this claims identity. (Inherited from ClaimsIdentity.)
Public propertyOwnerGets the security identifier (SID) for the token owner.
Public propertyRoleClaimTypeGets the claim type that will be interpreted as a .NET Framework role among the claims in this claims identity. (Inherited from ClaimsIdentity.)
Public propertyTokenGets the Windows account token for the user.
Public propertyUserGets the security identifier (SID) for the user.
Public propertyUserClaimsGets claims that have the ClaimTypes::WindowsUserClaim property key.
Top
  NameDescription
Public methodAddClaimAdds a single claim to this claims identity. (Inherited from ClaimsIdentity.)
Public methodAddClaimsAdds a list of claims to this claims identity. (Inherited from ClaimsIdentity.)
Public methodCloneCreates a new object that is a copy of the current instance. (Overrides ClaimsIdentity::Clone().)
Public methodDispose()Releases all resources used by the WindowsIdentity.
Protected methodDispose(Boolean)Releases the unmanaged resources used by the WindowsIdentity and optionally releases the managed resources.
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFindAll(Predicate<Claim>)Retrieves all of the claims that are matched by the specified predicate. (Inherited from ClaimsIdentity.)
Public methodFindAll(String)Retrieves all of the claims that have the specified claim type. (Inherited from ClaimsIdentity.)
Public methodFindFirst(Predicate<Claim>)Retrieves the first claim that is matched by the specified predicate. (Inherited from ClaimsIdentity.)
Public methodFindFirst(String)Retrieves the first claim with the specified claim type. (Inherited from ClaimsIdentity.)
Public methodStatic memberGetAnonymousReturns a WindowsIdentity object that you can use as a sentinel value in your code to represent an anonymous user. The property value does not represent the built-in anonymous identity used by the Windows operating system.
Public methodStatic memberGetCurrent()Returns a WindowsIdentity object that represents the current Windows user.
Public methodStatic memberGetCurrent(Boolean)Returns a WindowsIdentity object that represents the Windows identity for either the thread or the process, depending on the value of the ifImpersonating parameter.
Public methodStatic memberGetCurrent(TokenAccessLevels)Returns a WindowsIdentity object that represents the current Windows user, using the specified desired token access level.
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Protected methodGetObjectDataPopulates the SerializationInfo with data needed to serialize the current ClaimsIdentity object. (Inherited from ClaimsIdentity.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodHasClaim(Predicate<Claim>)Determines whether this claims identity has a claim that is matched by the specified predicate. (Inherited from ClaimsIdentity.)
Public methodHasClaim(String, String)Determines whether this claims identity has a claim with the specified claim type and value. (Inherited from ClaimsIdentity.)
Public methodImpersonate()Impersonates the user represented by the WindowsIdentity object.
Public methodStatic memberImpersonate(IntPtr)Impersonates the user represented by the specified user token.
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodRemoveClaimAttempts to remove a claim from the claims identity. (Inherited from ClaimsIdentity.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Public methodTryRemoveClaimAttempts to remove a claim from the claims identity. (Inherited from ClaimsIdentity.)
Top
  NameDescription
Public fieldStatic memberDefaultIssuerIdentifies the name of the default ClaimsIdentity issuer.
Top
  NameDescription
Explicit interface implemetationPrivate methodIDeserializationCallback::OnDeserializationInfrastructure. Implements the ISerializable interface and is called back by the deserialization event when deserialization is complete.
Explicit interface implemetationPrivate methodISerializable::GetObjectDataInfrastructure. Sets the SerializationInfo object with the logical context information needed to recreate an instance of this execution context.
Top

Call the GetCurrent method to create a WindowsIdentity object that represents the current user.

Important noteImportant

This type implements the IDisposable interface. When you have finished using the type, you should dispose of it either directly or indirectly. To dispose of the type directly, call its Dispose method in a try/catch block. To dispose of it indirectly, use a language construct such as using (in C#) or Using (in Visual Basic). For more information, see the “Using an Object that Implements IDisposable” section in the IDisposable interface topic.

The following example shows the use of members of WindowsIdentity class. For an example showing how to obtain a Windows account token through a call to the unmanaged Win32 LogonUser function, and use that token to impersonate another user, see the WindowsImpersonationContext class.

using namespace System;
using namespace System::Security::Principal;
void IntPtrConstructor( IntPtr logonToken );
void IntPtrStringConstructor( IntPtr logonToken );
void IntPrtStringTypeBoolConstructor( IntPtr logonToken );
void IntPtrStringTypeConstructor( IntPtr logonToken );
void UseProperties( IntPtr logonToken );
IntPtr LogonUser();
void GetAnonymousUser();
void ImpersonateIdentity( IntPtr logonToken );

[STAThread]
int main()
{

   // Retrieve the Windows account token for the current user.
   IntPtr logonToken = LogonUser();

   // Constructor implementations.
   IntPtrConstructor( logonToken );
   IntPtrStringConstructor( logonToken );
   IntPtrStringTypeConstructor( logonToken );
   IntPrtStringTypeBoolConstructor( logonToken );

   // Property implementations.
   UseProperties( logonToken );

   // Method implementations.
   GetAnonymousUser();
   ImpersonateIdentity( logonToken );
   Console::WriteLine( "This sample completed successfully; " 
   "press Enter to exit." );
   Console::ReadLine();
}


// Create a WindowsIdentity object for the user represented by the 
// specified Windows account token. 
void IntPtrConstructor( IntPtr logonToken )
{

   // Construct a WindowsIdentity object using the input account token.
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken );

   Console::WriteLine( "Created a Windows identity object named {0}.", windowsIdentity->Name );
}

// Create a WindowsIdentity object for the user represented by the 
// specified account token and authentication type. 
void IntPtrStringConstructor( IntPtr logonToken )
{

   // Construct a WindowsIdentity object using the input account token  
   // and the specified authentication type.
   String^ authenticationType = "WindowsAuthentication";
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken,authenticationType );

   Console::WriteLine( "Created a Windows identity object named {0}.", windowsIdentity->Name );
}



// Create a WindowsIdentity object for the user represented by the 
// specified account token, authentication type and Windows account 
// type. 
void IntPtrStringTypeConstructor( IntPtr logonToken )
{

   // Construct a WindowsIdentity object using the input account token, 
   // and the specified authentication type and Windows account type.
   String^ authenticationType = "WindowsAuthentication";
   WindowsAccountType guestAccount = WindowsAccountType::Guest;
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken,authenticationType,guestAccount );

   Console::WriteLine( "Created a Windows identity object named {0}.", windowsIdentity->Name );
}

// Create a WindowsIdentity object for the user represented by the 
// specified account token, authentication type, Windows account type and 
// Boolean authentication flag. 
void IntPrtStringTypeBoolConstructor( IntPtr logonToken )
{

   // Construct a WindowsIdentity object using the input account token, 
   // and the specified authentication type, Windows account type, and 
   // authentication flag.
   String^ authenticationType = "WindowsAuthentication";
   WindowsAccountType guestAccount = WindowsAccountType::Guest;
   bool isAuthenticated = true;
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken,authenticationType,guestAccount,isAuthenticated );

   Console::WriteLine( "Created a Windows identity object named {0}.", windowsIdentity->Name );
}

// Access the properties of a WindowsIdentity object. 
void UseProperties( IntPtr logonToken )
{
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken );
   String^ propertyDescription = "The windows identity named ";

   // Retrieve the Windows logon name from the Windows identity object.
   propertyDescription = String::Concat( propertyDescription, windowsIdentity->Name );

   // Verify that the user account is not considered to be an Anonymous 
   // account by the system. 
   if (  !windowsIdentity->IsAnonymous )
   {
      propertyDescription = String::Concat( propertyDescription, ", is not an Anonymous account" );
   }


   // Verify that the user account has been authenticated by Windows. 
   if ( windowsIdentity->IsAuthenticated )
   {
      propertyDescription = String::Concat( propertyDescription, ", is authenticated" );
   }

   // Verify that the user account is considered to be a System account 
   // by the system. 
   if ( windowsIdentity->IsSystem )
   {
      propertyDescription = String::Concat( propertyDescription, ", is a System account" );
   }

   // Verify that the user account is considered to be a Guest account 
   // by the system. 
   if ( windowsIdentity->IsGuest )
   {
      propertyDescription = String::Concat( propertyDescription, ", is a Guest account" );
   }

   // Retrieve the authentication type for the 
   String^ authenticationType = windowsIdentity->AuthenticationType;

   // Append the authenication type to the output message. 
   if ( authenticationType != nullptr )
   {
      propertyDescription = String::Format( "{0} and uses {1} authentication type.", propertyDescription, authenticationType );
   }

   Console::WriteLine( propertyDescription );
}


// Retrieve the account token from the current WindowsIdentity object 
// instead of calling the unmanaged LogonUser method in the advapi32.dll.
IntPtr LogonUser()
{

   IntPtr accountToken = WindowsIdentity::GetCurrent()->Token;

   return accountToken;
}


// Get the WindowsIdentity object for an Anonymous user. 
void GetAnonymousUser()
{

   // Retrieve a WindowsIdentity object that represents an anonymous 
   // Windows user.
   WindowsIdentity^ windowsIdentity = WindowsIdentity::GetAnonymous();

}


// Impersonate a Windows identity. 
void ImpersonateIdentity( IntPtr logonToken )
{

   // Retrieve the Windows identity using the specified token.
   WindowsIdentity^ windowsIdentity = gcnew WindowsIdentity( logonToken );

   // Create a WindowsImpersonationContext object by impersonating the 
   // Windows identity.
   WindowsImpersonationContext^ impersonationContext = windowsIdentity->Impersonate();
   Console::WriteLine( "Name of the identity after impersonation: {0}.", WindowsIdentity::GetCurrent()->Name );

   // Stop impersonating the user.
   impersonationContext->Undo();

   // Check the identity name.
   Console::Write( "Name of the identity after performing an Undo on the" );
   Console::WriteLine( " impersonation: {0}", WindowsIdentity::GetCurrent()->Name );
}

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.