Presentation is loading. Please wait.

Presentation is loading. Please wait.

System.Security.Principal Namespace

Published byCynthia Davis Modified over 6 years ago

Similar presentations

Presentation on theme: "System.Security.Principal Namespace"— Presentation transcript:

1 System.Security.Principal Namespace
Presenter Kranthi Kumar Kontham

2 Introduction Identity: Represents an authenticated user. Principal: Encapsulates an identity and the roles to which the identity belongs.

3 Role-based Security in .net Framework supports
three types of principals: Generic Principal Independent of Windows account users and roles. Window Principal Represents Windows users and roles. Custom Principal: Extension of basic idea of principal’s identity and roles. Customised according to particular application.

4 Classes GenericIdentity GenericPrincipal SecurityIdentifier
WindowsIdentity WindowsPrincipal

5 Example GenericPrincipal
//Data is normally retrieved from the database String username=“Alex”; String[] roles=new String[] {“Programmer”, “ Teacher”}; GenericIdentity identity; GenericPrincipal principal; //create identity and principal Identity= new GenericIdentiy(username,“customauthenication”); Principal=new GenericPrincipal(identity, roles); //set principal to thread Thread.CurrentPrincipal=principal;

6 Interfaces Properties: IIdentity Iprincipal IsAuthenticated
AuthenticationType (Basic, ntlm, kerberos and passport authentication) Name Iprincipal Identity IsInRole() Basic, ntlm, kerberos and passport authenticarion

7 Enumerations PrincipalPolicy
public enum PrincipalPolicy { UnauthenticatedPrincipal = 0, NoPrincipal = 1,WindowsPrincipal = 2 } WindowsAccountType Normal = 0,Guest = 1,System = 2,Anonymous = 3 WindowsBuiltInRole Administrator = 544,User = 545,Guest = 546,PowerUser = 547,AccountOperator = 548, SystemOperator = 549, PrintOperator = 550,BackupOperator = 551,Replicator = 552

8 Code Snippet 1 AppDomain myDomain = Thread.GetDomain();
//creating appl. Domain obj and returning curr. domain in which curr. Thread is running AppDomain myDomain = Thread.GetDomain(); // Configure the current application domain's principal policy to represent the active Windows user myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal; Array wbirFields = Enum.GetValues(typeof(WindowsBuiltInRole)); foreach (object roleName in wbirFields) { try // Cast the role name to a RID represented by the WindowsBuildInRole value. Console.WriteLine("{0}? {1}.", roleName, myPrincipal.IsInRole((WindowsBuiltInRole)roleName)); }

9 Demo

10 Code snippet 2 // Create a WindowsIdentity object for the user represented by the specified Windows account token. private static void IntPtrConstructor(IntPtr logonToken) { // Construct a WindowsIdentity object using the input account token. WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken); Console.WriteLine("Created a Windows identity object named " + windowsIdentity.Name + "."); } // Construct a WindowsIdentity object using the input account token and the specified authentication type. string authenticationType = "WindowsAuthentication1"; WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken, authenticationType);

11 string authenticationType = "WindowsAuthentication";
// Construct a WindowsIdentity object using the input account token, // and the specified authentication type, and Windows account type. string authenticationType = "WindowsAuthentication"; WindowsAccountType guestAccount = WindowsAccountType.Guest; WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken, authenticationType, guestAccount); // and the specified authentication type, Windows account type, and // authentication flag. bool isAuthenticated = true; WindowsIdentity windowsIdentity = new WindowsIdentity( logonToken, authenticationType, guestAccount, isAuthenticated);

12 private static void UseProperties(IntPtr logonToken) {
// Access the properties of a WindowsIdentity object. private static void UseProperties(IntPtr logonToken) { WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken); propertyDescription += windowsIdentity.Name; if (!windowsIdentity.IsAnonymous) { } if (windowsIdentity.IsAuthenticated) if (windowsIdentity.IsSystem) }

13 if (windowsIdentity.IsGuest) { }
{ } IntPtr accountToken = WindowsIdentity.GetCurrent().Token; // Retrieve a WindowsIdentity object that represents an anonymous // Windows user WindowsIdentity windowsIdentity = WindowsIdentity.GetAnonymous();

14 Demo

15 Questions ?

16 References www.msdn.com
Professional C#, Third Edition, Copyright © 2004 by Wiley Publishing, Inc., Indianapolis, Indiana. All rights reserved.

Download ppt "System.Security.Principal Namespace"

Similar presentations

Distributed Applications By Sam Nasr, MCP www.ClevelandDotNet.info.

Distributed Applications By Sam Nasr, MCP
Security for Developers Web Application Security Steven Borg & Richard Hundhausen Accentient, Inc.

Security for Developers Web Application Security Steven Borg & Richard Hundhausen Accentient, Inc.
.NET Framework Application Security Overview

.NET Framework Application Security Overview
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
Liang, Introduction to Java Programming, Ninth Edition, (c) 2013 Pearson Education, Inc. All rights reserved. Multithreading Example from Liang textbook.

Liang, Introduction to Java Programming, Ninth Edition, (c) 2013 Pearson Education, Inc. All rights reserved. Multithreading Example from Liang textbook.
.NET 4.5, Just the good Stuff William Tulloch Senior Consultant Readify Mahesh Krishnan Principal Consultant Readify DEV215.

.NET 4.5, Just the good Stuff William Tulloch Senior Consultant Readify Mahesh Krishnan Principal Consultant Readify DEV215.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Jax ArcSig 3/22/2011 Keith Tingle. About Me Keith Tingle Lender Processing Services

Jax ArcSig 3/22/2011 Keith Tingle. About Me Keith Tingle Lender Processing Services
Security in.NET Jørgen Thyme Microsoft Denmark. Topics & non-topics  Cryptography  App domains  Impersonation / delegation  Authentication  Authorization.

Security in.NET Jørgen Thyme Microsoft Denmark. Topics & non-topics  Cryptography  App domains  Impersonation / delegation  Authentication  Authorization.
Microsoft ASP.NET Security Venkat Chilakala Support Professional Microsoft Corporation.

Microsoft ASP.NET Security Venkat Chilakala Support Professional Microsoft Corporation.
Code Access Security vs. Role-Based Security  RBS  Security identity attached to user accounts  Access to resources specified according to user’s group.

Code Access Security vs. Role-Based Security  RBS  Security identity attached to user accounts  Access to resources specified according to user’s group.
Chapter 13 – Site Security. Internet Information Server ASP.NET Applications.NET Framework Windows NT/2000 Operating System Forms Passport Windows Certificates.

Chapter 13 – Site Security. Internet Information Server ASP.NET Applications.NET Framework Windows NT/2000 Operating System Forms Passport Windows Certificates.
Role based Security in.NET By By Aasia Riasat Aasia RiasatCS-795.

Role based Security in.NET By By Aasia Riasat Aasia RiasatCS-795.
Understanding Security Lesson 6. Objective Domain Matrix Skills/ConceptsMTA Exam Objectives Understanding the System.Security Namespace Understand the.

Understanding Security Lesson 6. Objective Domain Matrix Skills/ConceptsMTA Exam Objectives Understanding the System.Security Namespace Understand the.
Delivering Excellence in Software Engineering ® 2006. EPAM Systems. All rights reserved. ASP.NET Authentication.

Delivering Excellence in Software Engineering ® EPAM Systems. All rights reserved. ASP.NET Authentication.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.

Session 6 Windows Platform Dina Alkhoudari. Learning Objectives What is Active Directory Logical components of active directory Physical components of.
Authentication and Authorization CS795/895. How.Net Security Works Users who log in to the application are granted a principal and an identity, based.

Authentication and Authorization CS795/895. How.Net Security Works Users who log in to the application are granted a principal and an identity, based.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals 

5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

Similar presentations

Ads by Google