Introduction
Our department has recently begun moving all of our Client/Server Applications over to Windows NT authentication via Active Directory. Our previous applications used a SQL Server login for each user. This can become very tedious when it come to setting up users across the company for wide spread applications. There are also inherent security risks involved without the user being authenticated. I thought I would share the following code dealing with security in .NET in hopes that it will help someone else.
Our applications are done in Visual Basic, so we of course have to make a Windows API call where we have defined the following function:
Old VB6 Windows API Method Call
Declare Function GetUserName Lib "advapi32.dll" Alias _
"GetUserNameA" (ByVal lpBuffer As String, nSize As Long) As Long
This is not difficult at all, however I have been playing around with C# lately and I thought it would be interesting to find out how we will do this in managed code.
My first idea was to do an import of the above mentioned advapi32.dll along with the method we will use to get the user name. There have been many other examples on Code Project where users have imported methods through existing .dll's, so hopefully some of this looks familiar. I have tried to document what is going on here, even though it is rather simple. The following code will require you to add using statement as well.
Possible New C# Managed Method
using System.Runtime.InteropServices;
[DllImport("Advapi32.dll", EntryPoint="GetUserName",
ExactSpelling=false, SetLastError=true)]
static extern bool GetUserName(
[MarshalAs(UnmanagedType.LPArray)] byte[] lpBuffer,
[MarshalAs(UnmanagedType.LPArray)] Int32[] nSize );
byte[] str=new byte[256];
Int32[] len=new Int32[1];
len[0]=256;
GetUserName(str,len);
MessageBox.Show(System.Text.Encoding.ASCII.GetString(str));
What I thought was an instant solution actually made me think a little harder about my initial problem. There must be a better way to get the username than by making an old Windows API call. Upon doing a little research I have come to the conclusion that the boys over at Microsoft did manage to include this into the .NET Framework rather seamlessly. I was rather shocked when I found out how very simple it was. You will only need the following:
Most Sensible C# Method
using System.Security.Principal;
string a;
a = System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();
MessageBox.Show(a.ToString());
The
System.Security.Principal.WindowsIdentity.GetCurrent() section opens us up to more than just the current user. When looking you will find the following additional methods/properties within this section of the .NET Framework:
AuthenticationType - Get's the type of authentication used to authenticate the user.Impersonates - Impersonates the user represented by the object.IsAnonymous - Indicates whether the user account is identified as an anonymous account by the system.IsAuthenticated - Determines if the user has been authenticated by Windows.IsGuest - Indicates whether the account is defined as a guest account by the system.IsSystem - Indicates whether the account is defined as a system account by the system.
That�s it! There isn�t a whole lot to it and we don�t even have to do any of the ugly importation of old
.dll�s. Hope this helps someone, I found it to be rather interesting.
