Tutorials Desktop Programming C Sharp AUTHENTICATING USERS IN C#
Written by Christopher Thursday, 12 June 2008 18:15
Tutorials
INTRODUCTION
Unauthorized access of sensitive data must be prohibited in a business application. Unauthorized users must not be able to view other people’s information. In a windows program, sometimes it is necessary to provide different information in guests and users. A guest should not be able to see important data of the program’s flow. The authentication methods require the System.Security.Principal namespace.
AUTHENTICATION IN C#
On a network authentication is accomplished by the username/password concept. This allows for authentication of the user’s identify and for authorization of your privileges. The .Net environment provided the System.Security.Principal.WindowsIdentity class that represents a Windows user account. The class provides access to the current user’s name, authentication type and account token. To create an instance of this class you just have to call one of these methods:
·        GetAnonymous: Returns a WindowsIdentity object that represents an anonymous user.
·        GetCurrent: Returns a WindowsIdentity object that represents the current windows user. You can use this method to investigate the current user’s memberships and privileges.
·        Impersonate: Returns a WindowsImpersonationContext object that represents a specified user on the system. You can use it to impersonate a particular user account.
After creating the WindowsIdentity  object you can access several properties that provide information:
·        AuthenticationType: A string representing the authentication type.
·        IsAnonymous: A Boolean value that is set to true when the user is anonymous.
·        IsAuthenticated: A Boolean value that is set to true when the user is authenticated.
·        IsGuest: A Boolean value that is set to true if the user is a guest.
·        IsSystem: A Boolean value that is set to true if the user is part of the system.
·        Name: A string representing the authentication domain and the user name of the user.
·        Token: An integer, representing the user’s authentication token, assigned by the computer that authenticated the user.
The following snippet of code demonstrates the use of such an authentication technique:
using System.Security.Principal;
Â
namespace AuthenticatingUsers
{
   public partial class Form1 : Form
   {
       public Form1()
       {
           InitializeComponent();
       }
Â
       private void button1_Click(object sender, EventArgs e)
       {
         // Store the current user
           WindowsIdentity myID = WindowsIdentity.GetCurrent();
         // Display the name and authentication type
           label1.Text = myID.Name;
           label2.Text = myID.AuthenticationType;
Â
           // Check user's authentication status and act accordingly
           if (myID.IsGuest)
               label3.Text = "welcome guest";
           if (myID.IsAuthenticated)
               label3.Text = "Welcome " + myID.Name;
Â
       }
   }
}
You can also add a WindowsPrincipal class object to investigate in which groups the user is member. To query for built-in groups you must pass to the WindowsPrincipal.IsInRole method a member of the System.Security.Principal.WindowsBuiltInRole class. See the following example how this works:
      private void main()
       {
         //Create a windowsIdentity object
           WindowsIdentity myID = WindowsIdentity.GetCurrent();
        //Create a WindowsPrincipal object
           WindowsPrincipal myPrincipal = new WindowsPrincipal(myId);
Â
           if (myPrincipal.IsInRole(WindowsBuiltInRole.Administrator))
               Console.WriteLine("The current user is an administrator");
       }
TrackBack URI for this entry
Subscribe to this comment's feed
uggs on sale
said:
 |
... The intention was to use the new videos as transitions into the performed uggs outlet versions of the songs, transitions that are a long way from the original. Payne promises that the new "Thriller" is nothing like the boy on the date with the girl, while at the same time, "We didn't touch what we considered the uggs on sale sacred inside of it." And while the new version of "Thriller" and the other songs will be screened with This Is It in plain old 3D next week, that's not how they were intended to be seen, and that might not be the last we see of them either. |
| < Prev | Next > |
|---|
| Training Tip #1 :: Push-ups on the Swiss Ball admin 28.4.2009 7:07 |
Re:hello admin 21.4.2008 14:11 |
| Dell Inspiron 1545 Windows XP Drivers admin 12.4.2009 8:03 |
hello yuppy 21.4.2008 10:28 |
| Re:Get rich ebooks - are they really working? lann 23.4.2008 17:04 |
Re:Get rich ebooks - are they really working? admin 19.4.2008 14:08 |