Can't think of anything I'd rather be doing on Halloween than studying and writing code. :-)
Authentication and Authorization classes reside in the System.Security.Principal namespace.
The following classes and interfaces exist in this namespace:
- WindowsIdentity - Represents a Windows or AD user account.
- WindowsPrincipal - Provides access to a user's group memberships. From my study book, "You can use the WindowsPrincipal class to determine which groups a user is a member of. To query for built-in groups, pass to the WindowsPrincipal.IsInRole method a member of the System.Security.Principal.WindowsBuiltInRole".
- GenericIdentity - For simple, non-Microsoft directory service user account.
- GenericPrincipal - For simple, non-Microsoft directory service groups.
- IIdentity - For custom users.
- IPrincipal - For custom groups.
- WindowsBuiltInRole (enum) - local Windows groups that are common in NT, 2000, XP. Include: User, PowerUser, Administrator, Guest, AccountOperator, SystemOperator, PrintOperator, BackupOperator, and Replicator.
Here is sample code to get the current user's group memberships:
using System;
using System.Threading;
using System.Security.Principal;
namespace IdentityPrincipal
{
class Program
{
static void Main(string[] args)
{
WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent();
Console.WriteLine("Current User: '{0}", currentIdentity.Name);
// Two ways to get the currentPrincipal.
// 1. Through the WindowsPrincipal constructor passing in currentIdentity.
//WindowsPrincipal currentPrincipal = new WindowsPrincipal(currentIdentity);
// 2. Through the Thread.CurrentPrincipal property (after setting the Principal Policy of the
// current domain. For this sample program, we will use this method.
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
WindowsPrincipal currentPrincipal = (WindowsPrincipal) Thread.CurrentPrincipal;
if (currentPrincipal.IsInRole(WindowsBuiltInRole.User))
{
Console.WriteLine("Current User is a User");
}
if (currentPrincipal.IsInRole(WindowsBuiltInRole.Guest))
{
Console.WriteLine("Current User is a Guest");
}
if (currentPrincipal.IsInRole(WindowsBuiltInRole.PowerUser))
{
Console.WriteLine("Current User is a Power User");
}
if (currentPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
{
Console.WriteLine("Current User is an Administrator");
}
Console.ReadKey();
}
}
}