public class WindowsIdentity : IIdentity, System.Runtime.Serialization.ISerializable,
System.Runtime.Serialization.IDeserializationCallback {
// Public Constructors
public WindowsIdentity(IntPtr userToken);
public WindowsIdentity(IntPtr userToken, string type);
public WindowsIdentity(IntPtr userToken, string type, WindowsAccountType acctType);
public WindowsIdentity(IntPtr userToken, string type, WindowsAccountType acctType, bool isAuthenticated);
public WindowsIdentity(System.Runtime.Serialization.SerializationInfo info,
System.Runtime.Serialization.StreamingContext context);
public WindowsIdentity(string sUserPrincipalName);
public WindowsIdentity(string sUserPrincipalName, string type);
// Public Instance Properties
public virtual string AuthenticationType{get; }
// implements IIdentity
public virtual bool IsAnonymous{get; }
public virtual bool IsAuthenticated{get; }
// implements IIdentity
public virtual bool IsGuest{get; }
public virtual bool IsSystem{get; }
public virtual string Name{get; }
// implements IIdentity
public virtual IntPtr Token{get; }
// Public Static Methods
public static WindowsIdentity GetAnonymous( );
public static WindowsIdentity GetCurrent( );
public static WindowsImpersonationContext Impersonate(IntPtr userToken);
// Public Instance Methods
public virtual WindowsImpersonationContext Impersonate( );
// Protected Instance Methods
protected override void Finalize( );
// overrides object
}
The WindowsIdentity class provides an
IIdentity implementation that represents a Windows
user. Because WindowsIdentity is Windows-specific,
it implements members useful for working with Windows user accounts
in addition to the minimum functionality defined by
IIdentity.
The static GetCurrent( ) method returns a
WindowsIdentity object representing the currently
logged-on Windows user, and the staticGetAnonymous(
) method returns a WindowsIdentity
object representing an anonymous Windows user. The
WindowsIdentity constructors support creation of
WindowsIdentity objects that represent users other
than the active user. Each constructor requires a Windows access
token representing the desired user. A handle to the Windows access
token is passed to the constructor wrapped in a
System.IntPtr object. The Windows access token is
usually obtained through a call to unmanaged code, such as the
LogonUser( ) method of the
advapi32.dllWin32 library. The access token for
an existing WindowsIdentity is available through
its Token property. Starting with .NET 1.1,
however, it is possible to construct a
WindowsIdentity using a string argument containing
the user Principal Name of the user, such as the value that would be
passed to the LogonUser( ) API. However, this
functionality is only available on Windows 2003 Server or later
platforms; on any other platform, it will throw an
ArgumentException.
Calling the Impersonate( ) method changes the
Windows access token of the current thread to that of the user
represented by the WindowsIdentity object. By
creating a WindowsIdentity that represents a user
other than the active Windows user, Impersonate( )
allows code to perform operating system-level impersonation. The
Impersonate( ) method returns a
WindowsImpersonationContext object representing
the Windows access token prior to impersonation; this object must be
kept in order to revert to the original access token once
impersonation is no longer required.
The IsAnonymous, IsGuest, and
IsSystem properties provide an easy-to-use
mechanism for determining if a WindowsIdentity
object represents an anonymous, guest, or system Windows user
account. Determining if a WindowsIdentity
represents a normal account is a process of elimination; there is no
IsNormal property.
The Name property of a
WindowsIdentity object will return a name in the
form DOMAINNAME\USERNAME, where DOMAINNAME specifies the authority
used to validate the user; for example, COMPANY_X\Gary or
MY_MACHINE\Peter.
