Edit

Share via


How to: Create GenericPrincipal and GenericIdentity Objects

Note

This article applies to Windows.

For information about ASP.NET Core, see Overview of ASP.NET Core Security.

You can use the GenericIdentity class in conjunction with the GenericPrincipal class to create an authorization scheme that exists independent of a Windows domain.

To create a GenericPrincipal object

  1. Create a new instance of the identity class and initialize it with the name you want it to hold. The following code creates a new GenericIdentity object and initializes it with the name MyUser.

    Dim myIdentity As New GenericIdentity("MyUser")
    
    GenericIdentity myIdentity = new GenericIdentity("MyUser");
    
  2. Create a new instance of the GenericPrincipal class and initialize it with the previously created GenericIdentity object and an array of strings that represent the roles that you want associated with this principal. The following code example specifies an array of strings that represent an administrator role and a user role. The GenericPrincipal is then initialized with the previous GenericIdentity and the string array.

    Dim myStringArray As String() = {"Manager", "Teller"}
    DIm myPrincipal As New GenericPrincipal(myIdentity, myStringArray)
    
    String[] myStringArray = {"Manager", "Teller"};
    GenericPrincipal myPrincipal = new GenericPrincipal(myIdentity, myStringArray);
    
  3. Use the following code to attach the principal to the current thread. This is valuable in situations where the principal must be validated several times, it must be validated by other code running in your application, or it must be validated by a PrincipalPermission object. You can still perform role-based validation on the principal object without attaching it to the thread. For more information, see Replacing a Principal Object.

    Thread.CurrentPrincipal = myPrincipal
    
    Thread.CurrentPrincipal = myPrincipal;
    

Example

The following code example demonstrates how to create an instance of a GenericPrincipal and a GenericIdentity. This code displays the values of these objects to the console.

Imports System.Security.Principal
Imports System.Threading

Public Class Class1

    Public Shared Sub Main()
        ' Create generic identity.
        Dim myIdentity As New GenericIdentity("MyIdentity")

        ' Create generic principal.
        Dim myStringArray As String() =  {"Manager", "Teller"}
        Dim myPrincipal As New GenericPrincipal(myIdentity, myStringArray)

        ' Attach the principal to the current thread.
        ' This is not required unless repeated validation must occur,
        ' other code in your application must validate, or the
        ' PrincipalPermission object is used.
        Thread.CurrentPrincipal = myPrincipal

        ' Print values to the console.
        Dim name As String = myPrincipal.Identity.Name
        Dim auth As Boolean = myPrincipal.Identity.IsAuthenticated
        Dim isInRole As Boolean = myPrincipal.IsInRole("Manager")

        Console.WriteLine("The name is: {0}", name)
        Console.WriteLine("The isAuthenticated is: {0}", auth)
        Console.WriteLine("Is this a Manager? {0}", isInRole)

    End Sub

End Class
using System;
using System.Security.Principal;
using System.Threading;

public class Class1
{
    public static int Main(string[] args)
    {
    // Create generic identity.
    GenericIdentity myIdentity = new GenericIdentity("MyIdentity");

    // Create generic principal.
    String[] myStringArray = {"Manager", "Teller"};
    GenericPrincipal myPrincipal =
        new GenericPrincipal(myIdentity, myStringArray);

    // Attach the principal to the current thread.
    // This is not required unless repeated validation must occur,
    // other code in your application must validate, or the
    // PrincipalPermission object is used.
    Thread.CurrentPrincipal = myPrincipal;

    // Print values to the console.
    String name =  myPrincipal.Identity.Name;
    bool auth =  myPrincipal.Identity.IsAuthenticated;
    bool isInRole =  myPrincipal.IsInRole("Manager");

    Console.WriteLine("The name is: {0}", name);
    Console.WriteLine("The isAuthenticated is: {0}", auth);
    Console.WriteLine("Is this a Manager? {0}", isInRole);

    return 0;
    }
}

When executed, the application displays output similar to the following.

The Name is: MyIdentity
The IsAuthenticated is: True
Is this a Manager? True

See also