WindowsIdentity Class

Represents a Windows user.

Namespace: System.Security.Principal
Assembly: mscorlib (in mscorlib.dll)

'Declaration
<SerializableAttribute> _
<ComVisibleAttribute(True)> _
Public Class WindowsIdentity
	Implements IIdentity, ISerializable, IDeserializationCallback, IDisposable
'Usage
Dim instance As WindowsIdentity

/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public class WindowsIdentity implements IIdentity, ISerializable, 
	IDeserializationCallback, IDisposable
SerializableAttribute 
ComVisibleAttribute(true) 
public class WindowsIdentity implements IIdentity, ISerializable, 
	IDeserializationCallback, IDisposable

Call the GetCurrent method to create a WindowsIdentity object that represents the current user.

The following example shows the use of members of WindowsIdentity class. For an example showing how to obtain a Windows account token through a call to the unmanaged Win32 LogonUser function, and use that token to impersonate another user, see the WindowsImpersonationContext class.

Imports System
Imports System.Security.Principal
Module Module1

    Sub Main()

        ' Retrieve the Windows account token for the current user.
        Dim logonToken As IntPtr = LogonUser()

        ' Constructor implementations.
        IntPtrConstructor(logonToken)
        IntPtrStringConstructor(logonToken)
        IntPtrStringTypeConstructor(logonToken)
        IntPrtStringTypeBoolConstructor(logonToken)

        ' Property implementations.
        UseProperties(logonToken)

        ' Method implementations.
        GetAnonymousUser()
        ImpersonateIdentity(logonToken)

        ' Align interface and conclude application.
        Console.WriteLine(vbCrLf + "This sample completed " + _
            "successfully; press Enter to exit.")
        Console.ReadLine()

    End Sub
    ' Create a WindowsIdentity object for the user represented by the
    ' specified Windows account token.
    Private Sub IntPtrConstructor(ByVal logonToken As IntPtr)
        ' Construct a WindowsIdentity object using the input account token.
        Dim windowsIdentity As New WindowsIdentity(logonToken)

        WriteLine("Created a Windows identity object named " + _
            windowsIdentity.Name + ".")
    End Sub

    ' Create a WindowsIdentity object for the user represented by the
    ' specified account token and authentication type.
    Private Sub IntPtrStringConstructor(ByVal logonToken As IntPtr)
        ' Construct a WindowsIdentity object using the input account token 
        ' and the specified authentication type.
        Dim authenticationType = "WindowsAuthentication"
        Dim windowsIdentity As _
            New WindowsIdentity(logonToken, authenticationType)

        WriteLine("Created a Windows identity object named " + _
            windowsIdentity.Name + ".")
    End Sub

    ' Create a WindowsIdentity object for the user represented by the
    ' specified account token, authentication type, and Windows account
    ' type.
    Private Sub IntPtrStringTypeConstructor(ByVal logonToken As IntPtr)
        ' Construct a WindowsIdentity object using the input account token,
        ' and the specified authentication type and Windows account type.
        Dim authenticationType As String = "WindowsAuthentication"
        Dim guestAccount As WindowsAccountType = WindowsAccountType.Guest
        Dim windowsIdentity As _
            New WindowsIdentity(logonToken, authenticationType, guestAccount)

        WriteLine("Created a Windows identity object named " + _
            windowsIdentity.Name + ".")
    End Sub

    ' Create a WindowsIdentity object for the user represented by the
    ' specified account token, authentication type, Windows account type,
    ' and Boolean authentication flag.
    Private Sub IntPrtStringTypeBoolConstructor(ByVal logonToken As IntPtr)
        ' Construct a WindowsIdentity object using the input account token,
        ' and the specified authentication type, Windows account type, and
        ' authentication flag.
        Dim authenticationType As String = "WindowsAuthentication"
        Dim guestAccount As WindowsAccountType = WindowsAccountType.Guest
        Dim isAuthenticated As Boolean = True
        Dim windowsIdentity As New WindowsIdentity( _
            logonToken, authenticationType, guestAccount, isAuthenticated)

        WriteLine("Created a Windows identity object named " + _
            windowsIdentity.Name + ".")
    End Sub

    ' Access the properties of a WindowsIdentity object.
    Private Sub UseProperties(ByVal logonToken As IntPtr)
        Dim windowsIdentity As New WindowsIdentity(logonToken)
        Dim propertyDescription As String = "The Windows identity named "

        ' Retrieve the Windows logon name from the Windows identity object.
        propertyDescription += windowsIdentity.Name

        ' Verify that the user account is not considered to be an Anonymous
        ' account by the system.
        If Not windowsIdentity.IsAnonymous Then
            propertyDescription += " is not an Anonymous account"
        End If

        ' Verify that the user account has been authenticated by Windows.
        If (windowsIdentity.IsAuthenticated) Then
            propertyDescription += ", is authenticated"
        End If

        ' Verify that the user account is considered to be a System account by
        ' the system.
        If (windowsIdentity.IsSystem) Then
            propertyDescription += ", is a System account"
        End If

        ' Verify that the user account is considered to be a Guest account by
        ' the system.
        If (windowsIdentity.IsGuest) Then
            propertyDescription += ", is a Guest account"
        End If

        Dim authenticationType As String = windowsIdentity.AuthenticationType

        ' Append the authenication type to the output message.
        If (Not authenticationType Is Nothing) Then
            propertyDescription += (" and uses " + authenticationType)
            propertyDescription += (" authentication type.")
        End If

        WriteLine(propertyDescription)

        ' Display the SID for the owner.
        Console.Write("The SID for the owner is : ")
        Dim si As SecurityIdentifier
        si = windowsIdentity.Owner
        Console.WriteLine(si.ToString())
        ' Display the SIDs for the groups the current user belongs to.
        Console.WriteLine("Display the SIDs for the groups the current user belongs to.")
        Dim irc As IdentityReferenceCollection
        Dim ir As IdentityReference
        irc = windowsIdentity.Groups
        For Each ir In irc
            Console.WriteLine(ir.Value)
        Next
        Dim token As TokenImpersonationLevel
        token = windowsIdentity.ImpersonationLevel
        Console.WriteLine("The impersonation level for the current user is : " + token.ToString())
    End Sub
    ' Retrieve the account token from the current WindowsIdentity object
    ' instead of calling the unmanaged LogonUser method in the advapi32.dll.
    Private Function LogonUser() As IntPtr
        Dim accountToken As IntPtr = WindowsIdentity.GetCurrent().Token

        Return accountToken
    End Function

    ' Get the WindowsIdentity object for an Anonymous user.
    Private Sub GetAnonymousUser()
        ' Retrieve a WindowsIdentity object that represents an anonymous
        ' Windows user.
        Dim windowsIdentity As WindowsIdentity
        windowsIdentity = windowsIdentity.GetAnonymous()
    End Sub

    ' Impersonate a Windows identity.
    Private Sub ImpersonateIdentity(ByVal logonToken As IntPtr)
        ' Retrieve the Windows identity using the specified token.
        Dim windowsIdentity As New WindowsIdentity(logonToken)

        ' Create a WindowsImpersonationContext object by impersonating the
        ' Windows identity.
        Dim impersonationContext As WindowsImpersonationContext
        impersonationContext = windowsIdentity.Impersonate()

        WriteLine("Name of the identity after impersonation: " + _
            windowsIdentity.GetCurrent().Name + ".")

        ' Stop impersonating the user.
        impersonationContext.Undo()

        ' Check the identity.
        WriteLine("Name of the identity after performing an Undo on the " + _
            "impersonation: " + windowsIdentity.GetCurrent().Name + ".")
    End Sub
    ' Write out message with carriage return to output textbox.
    Private Sub WriteLine(ByVal message As String)
        Console.WriteLine(message + vbCrLf)
    End Sub

End Module


import System.*;
import System.Security.Principal.*;

class WindowsIdentityMembers
{
	/** @attribute STAThread()
	 */
	public static void main(String[] args)
	{
		// Retrieve the Windows account token for the current user.
		IntPtr logonToken = LogonUser();
		// Constructor implementations.
		IntPtrConstructor(logonToken);
		IntPtrStringConstructor(logonToken);
		IntPtrStringTypeConstructor(logonToken);
		IntPrtStringTypeBoolConstructor(logonToken);
		// Property implementations.
		UseProperties(logonToken);
		// Method implementations.
		GetAnonymousUser();
		ImpersonateIdentity(logonToken);

		Console.WriteLine("This sample completed successfully; "
			+ "press Enter to exit.");
		Console.ReadLine();
	} //main

	// Create a WindowsIdentity object for the user represented by the
	// specified Windows account token.
	private static void IntPtrConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token.
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token and authentication type.
	private static void IntPtrStringConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token 
		// and the specified authentication type.
		String authenticationType = "WindowsAuthentication";
		WindowsIdentity windowsIdentity =
			new WindowsIdentity(logonToken, authenticationType);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrStringConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token, authentication type, and Windows account
	// type.
	private static void IntPtrStringTypeConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token,
		// and the specified authentication type, and Windows account type.
		String authenticationType = "WindowsAuthentication";
		WindowsAccountType guestAccount = WindowsAccountType.Guest;
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken,
			authenticationType, guestAccount);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPtrStringTypeConstructor

	// Create a WindowsIdentity object for the user represented by the
	// specified account token, authentication type, Windows account type, and
	// Boolean authentication flag.
	private static void IntPrtStringTypeBoolConstructor(IntPtr logonToken)
	{
		// Construct a WindowsIdentity object using the input account token,
		// and the specified authentication type, Windows account type, and
		// authentication flag.
		String authenticationType = "WindowsAuthentication";
		WindowsAccountType guestAccount = WindowsAccountType.Guest;
		boolean isAuthenticated = true;
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken,
			authenticationType, guestAccount, isAuthenticated);
		Console.WriteLine("Created a Windows identity object named "
			+ windowsIdentity.get_Name() + ".");
	} //IntPrtStringTypeBoolConstructor

	// Access the properties of a WindowsIdentity object.
	private static void UseProperties(IntPtr logonToken)
	{
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		String propertyDescription = "The Windows identity named ";
		// Retrieve the Windows logon name from the Windows identity object.
		propertyDescription += windowsIdentity.get_Name();
		// Verify that the user account is not considered to be an Anonymous
		// account by the system.
		if (!(windowsIdentity.get_IsAnonymous()))
		{
			propertyDescription += " is not an Anonymous account";
		}
		// Verify that the user account has been authenticated by Windows.
		if (windowsIdentity.get_IsAuthenticated())
		{
			propertyDescription += ", is authenticated";
		}
		// Verify that the user account is considered to be a System account
		// by the system.
		if (windowsIdentity.get_IsSystem())
		{
			propertyDescription += ", is a System account";
		}
		// Verify that the user account is considered to be a Guest account
		// by the system.
		if (windowsIdentity.get_IsGuest())
		{
			propertyDescription += ", is a Guest account";
		}
		// Retrieve the authentication type for the 
		String authenticationType = windowsIdentity.get_AuthenticationType();
		// Append the authenication type to the output message.
		if (authenticationType != null)
		{
			propertyDescription += " and uses " + authenticationType;
			propertyDescription += " authentication type.";
		}

		Console.WriteLine(propertyDescription);

	} //UseProperties

	// Retrieve the account token from the current WindowsIdentity object
	// instead of calling the unmanaged LogonUser method in the advapi32.dll.
	private static IntPtr LogonUser()
	{
		IntPtr accountToken = WindowsIdentity.GetCurrent().get_Token();
		return accountToken;
	} //LogonUser

	// Get the WindowsIdentity object for an Anonymous user.
	private static void GetAnonymousUser()
	{
		// Retrieve a WindowsIdentity object that represents an anonymous
		// Windows user.
		WindowsIdentity windowsIdentity = WindowsIdentity.GetAnonymous();
	} //GetAnonymousUser

	// Impersonate a Windows identity.
	private static void ImpersonateIdentity(IntPtr logonToken)
	{
		// Retrieve the Windows identity using the specified token.
		WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken);
		// Create a WindowsImpersonationContext object by impersonating the
		// Windows identity.
		WindowsImpersonationContext impersonationContext
			= windowsIdentity.Impersonate();

		Console.WriteLine("Name of the identity after impersonation: "
			+ WindowsIdentity.GetCurrent().get_Name() + ".");
		// Stop impersonating the user.
		impersonationContext.Undo();
		// Check the identity name.
		Console.Write("Name of the identity after performing an Undo on the");
		Console.WriteLine(" impersonation: "
			+ WindowsIdentity.GetCurrent().get_Name());
	} //ImpersonateIdentity
} //WindowsIdentityMembers


System.Object
  System.Security.Principal.WindowsIdentity

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0, 1.1, 1.0

Community Additions

ADD
Show: