WindowsPrincipal Class
 

Enables code to check the Windows group membership of a Windows user.

Namespace:   System.Security.Principal
Assembly:  mscorlib (in mscorlib.dll)

SystemObject
   System.Security.ClaimsClaimsPrincipal
    System.Security.PrincipalWindowsPrincipal

[SerializableAttribute]
[ComVisibleAttribute(true)]
[HostProtectionAttribute(SecurityAction.LinkDemand, SecurityInfrastructure = true)]
public class WindowsPrincipal : ClaimsPrincipal
[SerializableAttribute]
[ComVisibleAttribute(true)]
[HostProtectionAttribute(SecurityAction::LinkDemand, SecurityInfrastructure = true)]
public ref class WindowsPrincipal : ClaimsPrincipal
[<SerializableAttribute>]
[<ComVisibleAttribute(true)>]
[<HostProtectionAttribute(SecurityAction.LinkDemand, SecurityInfrastructure = true)>]
type WindowsPrincipal = 
    class
        inherit ClaimsPrincipal
    end
<SerializableAttribute>
<ComVisibleAttribute(True)>
<HostProtectionAttribute(SecurityAction.LinkDemand, SecurityInfrastructure := True)>
Public Class WindowsPrincipal
	Inherits ClaimsPrincipal
NameDescription
System_CAPS_pubmethod WindowsPrincipal

Initializes a new instance of the WindowsPrincipal class by using the specified WindowsIdentity object.

NameDescription
System_CAPS_pubproperty

Gets a collection that contains all of the claims from all of the claims identities associated with this claims principal.(Inherited from ClaimsPrincipal.)

System_CAPS_protproperty

(Inherited from ClaimsPrincipal.)

System_CAPS_pubproperty

Gets all Windows device claims from this principal.

System_CAPS_pubproperty

Gets a collection that contains all of the claims identities associated with this claims principal.(Inherited from ClaimsPrincipal.)

System_CAPS_pubproperty

Gets the identity of the current principal.(Overrides .)

System_CAPS_pubproperty

Gets all Windows user claims from this principal.

NameDescription
System_CAPS_pubmethod AddIdentities

Adds the specified claims identities to this claims principal.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod AddIdentity

Adds the specified claims identity to this claims principal.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod Clone

Returns a copy of this instance.(Inherited from ClaimsPrincipal.)

System_CAPS_protmethod CreateClaimsIdentity

Creates a new claims identity.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod Equals

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethod Finalize

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethod FindAll

Retrieves all of the claims that are matched by the specified predicate.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod FindAll

Retrieves all or the claims that have the specified claim type.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod FindFirst

Retrieves the first claim that is matched by the specified predicate.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod FindFirst

Retrieves the first claim with the specified claim type.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod GetHashCode

Serves as the default hash function. (Inherited from Object.)

System_CAPS_protmethod GetObjectData

Populates the SerializationInfo with data needed to serialize the current ClaimsPrincipal object.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod GetType

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethod HasClaim

Determines whether any of the claims identities associated with this claims principal contains a claim that is matched by the specified predicate.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod HasClaim

Determines whether any of the claims identities associated with this claims principal contains a claim with the specified claim type and value.(Inherited from ClaimsPrincipal.)

System_CAPS_pubmethod IsInRole

Determines whether the current principal belongs to the Windows user group with the specified relative identifier (RID).

System_CAPS_pubmethod IsInRole

Determines whether the current principal belongs to the Windows user group with the specified security identifier (SID).

System_CAPS_pubmethod IsInRole

Determines whether the current principal belongs to the Windows user group with the specified name.(Overrides ClaimsPrincipalIsInRole.)

System_CAPS_pubmethod IsInRole

Determines whether the current principal belongs to the Windows user group with the specified WindowsBuiltInRole.

System_CAPS_protmethod MemberwiseClone

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethod ToString

Returns a string that represents the current object.(Inherited from Object.)

System_CAPS_pubmethod WriteTo

(Inherited from ClaimsPrincipal.)

System_CAPS_protmethod WriteTo

(Inherited from ClaimsPrincipal.)

The WindowsPrincipal class is primarily used to check the role of a Windows user. The WindowsPrincipalIsInRole method overloads let you check the user role by using different role contexts.

The following example demonstrates how to use the IsInRole method overloads. The WindowsBuiltInRole enumeration is used as the source for the relative identifiers (RIDs) that identify the built-in roles. The RIDs are used to determine the roles of the current principal.

using System;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;

class SecurityPrincipalDemo
{
    public static void DemonstrateWindowsBuiltInRoleEnum()
    {
        AppDomain myDomain = Thread.GetDomain();

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;
        Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString());
        Array wbirFields = Enum.GetValues(typeof(WindowsBuiltInRole));
        foreach (object roleName in wbirFields)
        {
            try
            {
                // Cast the role name to a RID represented by the WindowsBuildInRole value.
                Console.WriteLine("{0}? {1}.", roleName,
                    myPrincipal.IsInRole((WindowsBuiltInRole)roleName));
                Console.WriteLine("The RID for this role is: " + ((int)roleName).ToString());

            }
            catch (Exception)
            {
                Console.WriteLine("{0}: Could not obtain role for this RID.",
                    roleName);
            }
        }
        // Get the role using the string value of the role.
        Console.WriteLine("{0}? {1}.", "Administrators",
            myPrincipal.IsInRole("BUILTIN\\" + "Administrators"));
        Console.WriteLine("{0}? {1}.", "Users",
            myPrincipal.IsInRole("BUILTIN\\" + "Users"));
        // Get the role using the WindowsBuiltInRole enumeration value.
        Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator,
           myPrincipal.IsInRole(WindowsBuiltInRole.Administrator));
        // Get the role using the WellKnownSidType.
        SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
        Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid));
    }

    public static void Main()
    {
        DemonstrateWindowsBuiltInRoleEnum();
    }
}
Imports System
Imports System.Threading
Imports System.Security.Permissions
Imports System.Security.Principal

Class SecurityPrincipalDemo

    Public Shared Sub DemonstrateWindowsBuiltInRoleEnum()
        Dim myDomain As AppDomain = Thread.GetDomain()

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)
        Dim myPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal)
        Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString())
        Dim wbirFields As Array = [Enum].GetValues(GetType(WindowsBuiltInRole))
        Dim roleName As Object
        For Each roleName In wbirFields
            Try
                ' Cast the role name to a RID represented by the WindowsBuildInRole value.
                Console.WriteLine("{0}? {1}.", roleName, myPrincipal.IsInRole(CType(roleName, WindowsBuiltInRole)))
                Console.WriteLine("The RID for this role is: " + Fix(roleName).ToString())

            Catch
                Console.WriteLine("{0}: Could not obtain role for this RID.", roleName)
            End Try
        Next roleName
        ' Get the role using the string value of the role.
        Console.WriteLine("{0}? {1}.", "Administrators", myPrincipal.IsInRole("BUILTIN\" + "Administrators"))
        Console.WriteLine("{0}? {1}.", "Users", myPrincipal.IsInRole("BUILTIN\" + "Users"))
        ' Get the role using the WindowsBuiltInRole enumeration value.
        Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator, myPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
        ' Get the role using the WellKnownSidType.
        Dim sid As New SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, Nothing)
        Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid))

    End Sub 'DemonstrateWindowsBuiltInRoleEnum

    Public Shared Sub Main()
        DemonstrateWindowsBuiltInRoleEnum()

    End Sub 'Main
End Class 'SecurityPrincipalDemo 
public:
   static void DemonstrateWindowsBuiltInRoleEnum()
   {
      AppDomain^ myDomain = Thread::GetDomain();

      myDomain->SetPrincipalPolicy( PrincipalPolicy::WindowsPrincipal );
      WindowsPrincipal^ myPrincipal = dynamic_cast<WindowsPrincipal^>(Thread::CurrentPrincipal);

      Console::WriteLine( "{0} belongs to: ", myPrincipal->Identity->Name );

      Array^ wbirFields = Enum::GetValues( WindowsBuiltInRole::typeid );

      for each ( Object^ roleName in wbirFields )
      {
         try
         {
            Console::WriteLine( "{0}? {1}.", roleName,
               myPrincipal->IsInRole(  *dynamic_cast<WindowsBuiltInRole^>(roleName) ) );
         }
         catch ( Exception^ ) 
         {
            Console::WriteLine( "{0}: Could not obtain role for this RID.",
               roleName );
         }
      }
   }
.NET Framework
Available since 1.1

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top