New classes have been added to System.Security.Principal namespace in Visual Studio 2005
The System.Security.Principal namespace has three new classes in .NET 2.0. They are explained briefly below.
- SecurityIdentifier: A Windows account is internally represented by OS as a security identifier. The account could be a user account, a group or a computer in the network domain. The SecurityIdentifier class encapsulates the binary representation of the SID.
- NTAccount: A Windows account in human readable text form
- IdentityReference: Acts as a base class defining common members for SecurityIdentifier and NTAccount. The class is not creatable by the programmer.
You can use either a SID or a name to identify windows accounts and can also derive one from the other as shown in the code snippet below.
//Get the security identifier of currently-logged in user.
SecurityIdentifier objSecId = WindowsIdentity.GetCurrent().User;
//Get the corresponding NT Account name.
NTAccount objNTAccount = (NTAccount) objSecId.Translate(typeof(NTAccount));
These classes can be used in conjunction with API for controlling ACLs under System.Security.AccessControl namespace.