WindowsPrincipal Class

Definition

Enables code to check the Windows group membership of a Windows user.

C#
public class WindowsPrincipal : System.Security.Claims.ClaimsPrincipal
C#
[System.Serializable]
public class WindowsPrincipal : System.Security.Principal.IPrincipal
C#
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public class WindowsPrincipal : System.Security.Principal.IPrincipal
C#
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public class WindowsPrincipal : System.Security.Claims.ClaimsPrincipal
Inheritance
WindowsPrincipal
Inheritance
WindowsPrincipal
Attributes
Implements

Examples

The following example demonstrates how to use the IsInRole method overloads. The WindowsBuiltInRole enumeration is used as the source for the relative identifiers (RIDs) that identify the built-in roles. The RIDs are used to determine the roles of the current principal.

C#
using System;
using System.Threading;
using System.Security.Permissions;
using System.Security.Principal;

class SecurityPrincipalDemo
{
    public static void DemonstrateWindowsBuiltInRoleEnum()
    {
        AppDomain myDomain = Thread.GetDomain();

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;
        Console.WriteLine("{0} belongs to: ", myPrincipal.Identity.Name.ToString());
        Array wbirFields = Enum.GetValues(typeof(WindowsBuiltInRole));
        foreach (object roleName in wbirFields)
        {
            try
            {
                // Cast the role name to a RID represented by the WindowsBuildInRole value.
                Console.WriteLine("{0}? {1}.", roleName,
                    myPrincipal.IsInRole((WindowsBuiltInRole)roleName));
                Console.WriteLine("The RID for this role is: " + ((int)roleName).ToString());
            }
            catch (Exception)
            {
                Console.WriteLine("{0}: Could not obtain role for this RID.",
                    roleName);
            }
        }
        // Get the role using the string value of the role.
        Console.WriteLine("{0}? {1}.", "Administrators",
            myPrincipal.IsInRole("BUILTIN\\" + "Administrators"));
        Console.WriteLine("{0}? {1}.", "Users",
            myPrincipal.IsInRole("BUILTIN\\" + "Users"));
        // Get the role using the WindowsBuiltInRole enumeration value.
        Console.WriteLine("{0}? {1}.", WindowsBuiltInRole.Administrator,
           myPrincipal.IsInRole(WindowsBuiltInRole.Administrator));
        // Get the role using the WellKnownSidType.
        SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
        Console.WriteLine("WellKnownSidType BuiltinAdministratorsSid  {0}? {1}.", sid.Value, myPrincipal.IsInRole(sid));
    }

    public static void Main()
    {
        DemonstrateWindowsBuiltInRoleEnum();
    }
}

Remarks

The WindowsPrincipal class is primarily used to check the role of a Windows user. The WindowsPrincipal.IsInRole method overloads let you check the user role by using different role contexts.

Constructors

WindowsPrincipal(WindowsIdentity)

Initializes a new instance of the WindowsPrincipal class by using the specified WindowsIdentity object.

Properties

Claims

Gets a collection that contains all of the claims from all of the claims identities associated with this claims principal.

(Inherited from ClaimsPrincipal)
CustomSerializationData

Contains any additional data provided by a derived type. Typically set when calling WriteTo(BinaryWriter, Byte[]).

(Inherited from ClaimsPrincipal)
DeviceClaims

Gets all Windows device claims from this principal.

Identities

Gets a collection that contains all of the claims identities associated with this claims principal.

(Inherited from ClaimsPrincipal)
Identity

Gets the identity of the current principal.

UserClaims

Gets all Windows user claims from this principal.

Methods

AddIdentities(IEnumerable<ClaimsIdentity>)

Adds the specified claims identities to this claims principal.

(Inherited from ClaimsPrincipal)
AddIdentity(ClaimsIdentity)

Adds the specified claims identity to this claims principal.

(Inherited from ClaimsPrincipal)
Clone()

Returns a copy of this instance.

(Inherited from ClaimsPrincipal)
CreateClaimsIdentity(BinaryReader)

Creates a new claims identity.

(Inherited from ClaimsPrincipal)
Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
FindAll(Predicate<Claim>)

Retrieves all of the claims that are matched by the specified predicate.

(Inherited from ClaimsPrincipal)
FindAll(String)

Retrieves all or the claims that have the specified claim type.

(Inherited from ClaimsPrincipal)
FindFirst(Predicate<Claim>)

Retrieves the first claim that is matched by the specified predicate.

(Inherited from ClaimsPrincipal)
FindFirst(String)

Retrieves the first claim with the specified claim type.

(Inherited from ClaimsPrincipal)
GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetObjectData(SerializationInfo, StreamingContext)

Populates the SerializationInfo with data needed to serialize the current ClaimsPrincipal object.

(Inherited from ClaimsPrincipal)
GetType()

Gets the Type of the current instance.

(Inherited from Object)
HasClaim(Predicate<Claim>)

Determines whether any of the claims identities associated with this claims principal contains a claim that is matched by the specified predicate.

(Inherited from ClaimsPrincipal)
HasClaim(String, String)

Determines whether any of the claims identities associated with this claims principal contains a claim with the specified claim type and value.

(Inherited from ClaimsPrincipal)
IsInRole(Int32)

Determines whether the current principal belongs to the Windows user group with the specified relative identifier (RID).

IsInRole(SecurityIdentifier)

Determines whether the current principal belongs to the Windows user group with the specified security identifier (SID).

IsInRole(String)

Determines whether the current principal belongs to the Windows user group with the specified name.

IsInRole(WindowsBuiltInRole)

Determines whether the current principal belongs to the Windows user group with the specified WindowsBuiltInRole.

MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ToString()

Returns a string that represents the current object.

(Inherited from Object)
WriteTo(BinaryWriter, Byte[])

Serializes using a BinaryWriter.

(Inherited from ClaimsPrincipal)
WriteTo(BinaryWriter)

Serializes using a BinaryWriter.

(Inherited from ClaimsPrincipal)

Applies to

Product Versions
.NET Core 1.0, Core 1.1, 6, 7, 8, 9
.NET Framework 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
.NET Standard 2.0 (package-provided)
Windows Desktop 3.0, 3.1, 5