windows-principal

I have a WPF client that connects to a WCF service, and I want to lock down some of the functionality so that only certain users can perform certain actions. The WCF service impersonates the client user when executing service methods. The OS is Windows XP. I was reading this question as part of my investigation into the best way to apply user roles to features in my application (I want to assign users to AD security groups, and then check IsInRole), and am worried that cached permissions will allow users who have had their permissions reduced to access functionality they no longer have

I am trying to work out why attribute based security isn't working as I'd expect in WCF and I suspect it might have something to do with the following: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); var identity = new WindowsIdentity("ksarfo"); var principal = new WindowsPrincipal(identity); Console.WriteLine("\nChecking whether current user [" + identity.Name + "] is member of [" + groupName + "]"); Console.WriteLine(principal.IsInRole(groupName)); // returns true principal = (WindowsPrincipal)Thread.CurrentPrincipal; identity = (WindowsIdentity) principal

I would like to temporarily impersonate a domain user account to read in a file on a network drive from an ASP.NET site. I would rather not set up impersonation for the entire site or set up a mapped drive on the server. Even Mien I ended up using code from Michiel van Otegem: WindowsImpersonationContext made easy and added an implementation of IDisposable. I found this in another question about impersonation in ASP.NET . Usage: using (WindowsImpersonationContextFacade impersonationContext = new WindowsImpersonationContextFacade( Settings.Default.ImpersonationDomain, Settings.Default

I am building a intranet application using MVC3 with a MSSQL backend. I have authentication and roles (through a custom roles provider) working properly. What I am trying to do now is overriding User.Identity to allow for items like User.Identity.FirstName. But I cannot find any code that will show me how do this in WindowsIdentity I have tried writing a custom provider: public class CPrincipal : WindowsPrincipal { UserDAL userDAL = new UserDAL(); public CPrincipal(WindowsIdentity identity) : base(identity) { userInfo = userDAL.GetUserProfile(identity.Name.Split('\\')[1]); this.identity =

The WindowsIdentity(string) constructor requires the username to be in username@domain.com format. But in my case I get the usernames from a DB in the old DOMAIN\user format (and then have to check their Windows role membership). What is the best way of creating WindowsPrincipal from the old style (sAMAccountName) username? It does seem that there is no way of converting the username format without involving a query to Active Directory. Since that is the case there is no need to create WindowsPrincipal for checking the group membership since that would probably need yet another connection to