Thread-CurrentPrincipal

    // Get and set thread's current principal (for role based security).
// 获取并设置线程的当前主体(用于基于角色的安全性)。
public static IPrincipal CurrentPrincipal { [System.Security.SecuritySafeCritical] // auto-generated get { lock (CurrentThread) { IPrincipal principal = (IPrincipal) CallContext.Principal; if (principal == null) { principal = GetDomain().GetThreadPrincipal(); CallContext.Principal = principal; } return principal; } } [System.Security.SecuritySafeCritical] // auto-generated [SecurityPermissionAttribute(SecurityAction.Demand, Flags=SecurityPermissionFlag.ControlPrincipal)] set { CallContext.Principal = value; } }
CurrentPrincipal是静态属性,首先看下,Principal 
using System.Runtime.InteropServices;   
namespace System.Security.Principal
[System.Runtime.InteropServices.ComVisible(true)] public interface IPrincipal { // Retrieve the identity object IIdentity Identity { get; } // Perform a check for a specific role bool IsInRole (string role); }

是在namespace System.Security.Principal下的,属于安全方面的。怎么做到安全呢?就是加上自定义名称,和认证类型,保证该线程是自己发起的,如下代码所示:

        string[] rolesArray = { "managers", "executives" };
        try
        {
            // Set the principal to a new generic principal.
            Thread.CurrentPrincipal =
                new GenericPrincipal(new GenericIdentity(
                "Bob", "Passport"), rolesArray);
        }
        catch (SecurityException secureException)
        {
            Console.WriteLine("{0}: Permission to set Principal " +
                "is denied.", secureException.GetType().Name);
        }

        IPrincipal threadPrincipal = Thread.CurrentPrincipal;
        Console.WriteLine("Name: {0}\nIsAuthenticated: {1}" +
            "\nAuthenticationType: {2}",
            threadPrincipal.Identity.Name,
            threadPrincipal.Identity.IsAuthenticated,
            threadPrincipal.Identity.AuthenticationType);

输出结果是

Name: Bob
IsAuthenticated: True
AuthenticationType: Passport
True

 

posted @ 2021-11-22 13:48  vba是最好的语言  阅读(202)  评论(0编辑  收藏  举报