【Windows 访问控制】十二、C# 实操:主体 System.Security.Principal 案例


  案例1、主体(包含用户和组)和标识(用户名)的使用。

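PrincipalPolicy 枚举:主体策略,分为 Windows 主体(WindowsPrincipal)、未认证的主体(UnauthenticatedPrincipal)和不分配主体(NoPrincipal)。
GenericPrincipal、GenericIdentity 主体类:自定义的普通主体。只要标识名称非空,该主体即显示为已认证(IsAuthenticated 为 true);这只是对象自身的声明,并不代表经过了凭据校验,角色同样由创建者自行指定。
WindowsPrincipal、WindowsIdentity 主体类:系统(Windows)主体。
Thread.CurrentPrincipal = principal; 设置当前线程的主体。
IIdentity、IPrincipal:标识类和主体类的接口。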

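#region 当前线程
// Case 1: print the principal that a freshly started thread observes under each
// PrincipalPolicy value, and then under an explicitly assigned GenericPrincipal.

// Runs CurrentThreadInfo on a new thread and waits for it to finish, so the
// output of each section stays under its own banner.
void ReportFromNewThread()
{
    Thread worker = new Thread(CurrentThreadInfo);
    worker.Start();
    worker.Join();
}

// WindowsPrincipal policy: principal/identity objects are created from the
// operating-system token, and Windows groups are mapped to roles.
Console.WriteLine("======PrincipalPolicy.WindowsPrincipal===========");
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
ReportFromNewThread();

// UnauthenticatedPrincipal policy: a principal for the unauthenticated entity
// is created instead.
Console.WriteLine("======PrincipalPolicy.UnauthenticatedPrincipal===========");
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal);
ReportFromNewThread();

// NoPrincipal policy: no principal is created; the worker is expected to take
// the "Is Null" branch of CurrentThreadInfo.
Console.WriteLine("=====PrincipalPolicy.NoPrincipal===========");
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.NoPrincipal);
ReportFromNewThread();

Console.WriteLine("======自定义一个主体===========");

// GenericIdentity reports IsAuthenticated == true for any non-empty name, and
// GenericPrincipal.IsInRole answers from the role array passed in here. Nothing
// is verified against a credential store, so these objects are only as
// trustworthy as the code that builds them; authorization decisions should not
// rely on them unless the caller has really been authenticated first.
IIdentity identity = new GenericIdentity("MyIdentity");
IPrincipal principal = new GenericPrincipal(identity, new[] { "studentc", "student" });

// The author left AppDomain.CurrentDomain.SetThreadPrincipal(principal) disabled
// and assigns the principal to the current thread instead.
// NOTE(review): the worker started below is expected to observe this principal
// because it is started from the thread that set it — confirm on your runtime.
Thread.CurrentPrincipal = principal;
ReportFromNewThread();
#endregion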


// Prints the identity type, name and authentication flag of the principal bound
// to the calling thread, plus one extra line when that principal is in the
// "student" role. Prints a fixed message when the thread has no principal.
//
// IsAuthenticated and IsInRole only repeat what the principal object claims;
// how much that can be trusted depends on how the principal was created.
static void CurrentThreadInfo()
{
    IPrincipal principal = Thread.CurrentPrincipal;

    // No principal bound to this thread: report it and stop.
    if (principal == null)
    {
        Console.WriteLine("currentPricipal  Is Null");
        return;
    }

    IIdentity who = principal.Identity;
    Console.WriteLine($"TYPE:{who.GetType().Name}");
    Console.WriteLine($"Name:{who.Name}");
    Console.WriteLine($"IsAuthenticated:{who.IsAuthenticated}");

    // Role membership is printed only when it holds; there is no "not in role" line.
    if (!principal.IsInRole("student"))
    {
        return;
    }

    Console.WriteLine("role:student");
}

案例二、

using System.Reflection;
using System.Security.AccessControl;
using System.Security.Permissions;
using System.Security.Principal;
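#region 当前进程
// Case 2: dump the principal of the current process, its Windows built-in role
// membership, and the identity returned by WindowsIdentity.GetCurrent().
//
// NOTE(review): the dumps below print every public property by reflection,
// which for WindowsIdentity includes values such as Name, User (the account
// SID) and Token (the raw handle value). Treat the output as sensitive
// diagnostic data and keep it out of shared logs.

// Ask for a WindowsPrincipal to be bound when Thread.CurrentPrincipal is read.
// The original author notes that the application default is UnauthenticatedPrincipal.
// NOTE(review): that matches .NET Framework — confirm the default on your runtime.
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

// The cast relies on the policy set above; a principal of any other type makes
// it fail here with InvalidCastException.
WindowsPrincipal processPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;

Console.WriteLine("===============当前进程的主体 标识 ===========================");
// Principal and identity of the current process.
foreach (PropertyInfo principalProperty in typeof(WindowsPrincipal).GetProperties())
{
    object propertyValue = principalProperty.GetValue(processPrincipal);

    // Interpolation renders a null value as an empty string; the previous
    // explicit ToString() call would throw NullReferenceException on a null
    // property value.
    Console.WriteLine($"{principalProperty.Name}:{propertyValue}");

    // For the Identity property, list the properties of the identity as well.
    if (principalProperty.Name == "Identity" && propertyValue is WindowsIdentity principalIdentity)
    {
        foreach (PropertyInfo identityProperty in typeof(WindowsIdentity).GetProperties())
        {
            Console.WriteLine($"{identityProperty.Name}:{identityProperty.GetValue(principalIdentity)}");
        }
    }
}

Console.WriteLine("===============当前进程主体的角色===========================");
// Membership of the process principal in each WindowsBuiltInRole value.
// NOTE(review): the answer reflects the token the process runs with; under UAC
// a non-elevated process usually reports False for Administrator even when the
// account belongs to that group — confirm on your system.
foreach (WindowsBuiltInRole role in Enum.GetValues(typeof(WindowsBuiltInRole)))
{
    Console.WriteLine($"{role}:{processPrincipal.IsInRole(role)}");
}

Console.WriteLine("=================当前用户的标识======================");
// Identity of the current Windows user. WindowsIdentity is IDisposable, so the
// using declaration releases it when the program ends.
using WindowsIdentity identity = WindowsIdentity.GetCurrent();

foreach (PropertyInfo currentUserProperty in typeof(WindowsIdentity).GetProperties())
{
    Console.WriteLine($"{currentUserProperty.Name}:{currentUserProperty.GetValue(identity)}");
}
#endregion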