Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

Replacing a Principal Object 

Applications that provide authentication services must be able to replace the Principal object for a given thread. Further, the security system must help protect the ability to replace Principal objects because a maliciously attached, incorrect Principal compromises the security of your application by claiming an untrue identity or role. Therefore, applications that require the ability to replace Principal objects must be granted the System.Security.Permissions.SecurityPermission object for principal control. (Note that this permission is not required for performing role-based security checks or for creating Principal objects.)

The current Principal object can be replaced by performing the following tasks:

  1. Create the replacement Principal object and associated Identity object, usually after performing authentication.

  2. Attach the new Principal object to the call context, as shown in the following code.

    Thread.CurrentPrincipal = principalObject;
    

    Thread.CurrentPrincipal = principalObject
    

See Also

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.