INTRODUCTION

Unauthorized access to sensitive data must be prevented in a business application. Unauthorized users must not be able to view other people’s information. In a Windows program, it is sometimes necessary to present different information to guests and to users. A guest should not be able to see important data about the program’s flow. The authentication methods described here require the System.Security.Principal namespace.

AUTHENTICATION IN C#

On a network, authentication is accomplished by the username/password concept. This allows for authentication of the user’s identity and for authorization of the user’s privileges. The .NET environment provides the System.Security.Principal.WindowsIdentity class, which represents a Windows user account. The class provides access to the current user’s name, authentication type and account token. To create an instance of this class you just have to call one of these methods:

· GetAnonymous: Returns a WindowsIdentity object that represents an anonymous user.
· GetCurrent: Returns a WindowsIdentity object that represents the current Windows user. You can use this method to investigate the current user’s memberships and privileges.
· Impersonate: Returns a WindowsImpersonationContext object that represents a specified user on the system. You can use it to impersonate a particular user account.

After creating the WindowsIdentity object you can access several properties that provide information:

· AuthenticationType: A string representing the authentication type.
· IsAnonymous: A Boolean value that is set to true when the user is anonymous.
· IsAuthenticated: A Boolean value that is set to true when the user is authenticated.
· IsGuest: A Boolean value that is set to true if the user is a guest.
· IsSystem: A Boolean value that is set to true if the user is part of the system.
· Name: A string representing the authentication domain and the user name of the user.
· Token: An integer, representing the user’s authentication token, assigned by the computer that authenticated the user.

The following snippet of code demonstrates the use of such an authentication technique:

    using System;
    using System.Security.Principal;
    using System.Windows.Forms;

    namespace AuthenticatingUsers
    {
        public partial class Form1 : Form
        {
            public Form1()
            {
                InitializeComponent();
            }

            private void button1_Click(object sender, EventArgs e)
            {
                // Store the current user
                WindowsIdentity myID = WindowsIdentity.GetCurrent();

                // Display the name and authentication type
                label1.Text = myID.Name;
                label2.Text = myID.AuthenticationType;

                // Check user's authentication status and act accordingly
                if (myID.IsGuest)
                    label3.Text = "welcome guest";
                if (myID.IsAuthenticated)
                    label3.Text = "Welcome " + myID.Name;
            }
        }
    }

You can also create a WindowsPrincipal object to find out which groups the user is a member of. To query for built-in groups, pass a member of the System.Security.Principal.WindowsBuiltInRole enumeration to the WindowsPrincipal.IsInRole method. The following example shows how this works:

    using System;
    using System.Security.Principal;

    class Program
    {
        static void Main()
        {
            // Create a WindowsIdentity object
            WindowsIdentity myID = WindowsIdentity.GetCurrent();

            // Create a WindowsPrincipal object from that identity
            WindowsPrincipal myPrincipal = new WindowsPrincipal(myID);

            // Query membership of the built-in Administrators group
            if (myPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
                Console.WriteLine("The current user is an administrator");
        }
    }
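
The two checks above can be combined into a single deny-by-default decision about what a guest, a user and an administrator may see. The console program below is an added example, not code from the original article; the AccessTier enum and the Classify helper are hypothetical names, and it runs on Windows only.

```csharp
using System;
using System.Security.Principal;

// Hypothetical tiers for this example; None means "show nothing".
enum AccessTier { None, Guest, User, Administrator }

static class AccessCheck
{
    // Hypothetical helper (not a framework API): maps a Windows identity to a tier.
    public static AccessTier Classify(WindowsIdentity id)
    {
        // Deny by default: no identity or an anonymous token gets nothing.
        if (id == null || id.IsAnonymous)
            return AccessTier.None;

        // Test the most restricted case first, so a guest can never
        // fall through to a branch that grants more.
        if (id.IsGuest)
            return AccessTier.Guest;

        if (!id.IsAuthenticated)
            return AccessTier.None;

        // With UAC enabled, IsInRole(Administrator) is true only when the
        // process runs elevated; an unelevated administrator is treated as User.
        var principal = new WindowsPrincipal(id);
        if (principal.IsInRole(WindowsBuiltInRole.Administrator))
            return AccessTier.Administrator;

        return AccessTier.User;
    }

    static void Main()
    {
        // WindowsIdentity wraps a token handle, so dispose it when done.
        using (WindowsIdentity id = WindowsIdentity.GetCurrent())
        {
            AccessTier tier = Classify(id);
            Console.WriteLine("{0} ({1}) -> {2}", id.Name, id.AuthenticationType, tier);

            // Each tier sees only what it is explicitly granted.
            switch (tier)
            {
                case AccessTier.Administrator: Console.WriteLine("Full program data"); break;
                case AccessTier.User:          Console.WriteLine("User data only"); break;
                case AccessTier.Guest:         Console.WriteLine("Public information only"); break;
                default:                       Console.WriteLine("Access denied"); break;
            }
        }
    }
}
```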