.NET Framework role-based security (1)

The proportion of computer and information crime has been rising over a long period. In a 2001 study, the Federal Bureau of Investigation's computer security organization found that 85% of the surveyed companies had suffered a compromise of corporate security. The report on the resulting property losses put the total at 377 million USD, 42% higher than the 265 million USD of 2000. Clearly, computer and information crime is occurring more and more frequently, the losses it causes are growing, and the means of committing it are becoming ever more varied, which puts enterprise security staff under pressure. Enterprises must therefore act to protect valuable information assets.

Naturally, security has become an issue that cannot be neglected in program development. The traditional security model provides isolation and access control based on users and user groups. This means that a user can either run all the code or none of it. This is exactly the security model most operating systems adopt, and although it still seems effective, on reflection it rests on the assumption that all code has the same level of trust. When all the code comes from you or your system administrator, that assumption holds. But now that most computers are connected to the Internet, a simple "yes" or "no" is no longer good enough. The .NET Framework provides a comprehensive security system sufficient to deal with most of the security problems that arise. It also provides a security model that resembles the traditional model but can be customized by developers, called role-based security. The most important concepts in role-based security are the principal and the identity.



Role-based security

Simply put, the purpose of program security is to prevent malicious people or programs from doing things that administrators and developers have not allowed. The traditional security mechanisms mentioned above focus on controlling user permissions: by validating a user's identity and restricting that user's actions, access by specific users to resources can be controlled. For a long time both Windows and UNIX, the most successful operating systems, have used this security mechanism. Before discussing .NET security programming, we will first look at the .NET platform's security model, because only with a thorough understanding of it can we use the platform effectively to obtain better security assurance (the operating systems discussed below are mainly Windows 2000 and Windows XP).

The .NET security model sits on top of the operating system's security model and is well integrated with the security features of some server products (at present these are limited to Microsoft's own products, such as SQL Server and Internet Information Services (IIS)). Precisely because .NET is at a different level from the operating system, the security of a .NET program depends on several factors: how .NET security is configured, how the program's components are written, and security settings made by Windows, the network, or other programs.

The following figure illustrates how the .NET security model works on top of the Windows security subsystem. Administrators use the management console snap-ins to set up user accounts and define security policy, and they are also responsible for managing the .NET security configuration. When a user logs on to the operating system and runs a .NET managed program, the CLR authenticates the user and permits the program to perform certain actions, which are then passed on to the operating system's own security checks.


One point needs special attention: no matter how .NET is used, resources remain under the protection of the operating system. For resources protected at that level, the permissions of the .NET platform's security system alone are powerless (this is exactly what the layered relationship between .NET and the operating system implies).

Let's look at some of the concepts in role-based security and how they are used in .NET.

Authentication refers to the process of determining a user's identity, whereas authorization refers to granting the user access to a specific resource after that process; in other words, authentication establishes "who you are" and authorization establishes "what you can do". .NET provides the principal and identity objects for these two processes. Role-based security is built on the principal object, which encapsulates information about the current user: both the user's identity and the roles the user plays. The identity object contains not only the user's identification (user name or account) but also the method by which that identity was verified.

Identity Object

An identity object is an instance of a class that implements the IIdentity interface. The IIdentity interface defines three read-only properties:

string AuthenticationType { get; }   // gets the type of authentication used
bool IsAuthenticated { get; }        // gets a Boolean value indicating whether the logged-on user has been authenticated
string Name { get; }                 // gets the name of the current user

In .NET, the following four classes implement this interface:

1. GenericIdentity represents a generic user and can be used with custom login authentication.

2. WindowsIdentity represents a Windows user who has successfully logged on to the Windows system.

3. FormsIdentity represents a user authenticated by forms authentication in an ASP.NET application.

4. PassportIdentity represents a user in an application that uses Passport. Be aware, however, that the Passport SDK must be installed to use this class.

Since the first three are the most used in current development, and the FormsIdentity class will be covered in a later article, we discuss the first two classes in detail here.

GenericIdentity class

The GenericIdentity class is actually quite simple, and it is not tied to any particular authentication protocol. It is therefore often used where a custom login mechanism is in place. For example, a program can prompt the user for a user name and password and then look them up in a custom user database. If the user name and password are valid, the program creates a principal and a corresponding identity object based on the matching record in the database.

The GenericIdentity class has nothing beyond the three properties defined by the IIdentity interface. It does, however, provide two constructors: one accepts a single string parameter specifying the user name, and the other accepts two parameters, the user name string and a string naming the authentication type.


public GenericIdentity(string name);
public GenericIdentity(string name, string type);

We will not go into the details of using the GenericIdentity class here; a later section shows how to use a GenericIdentity object in a real program.
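The custom-login scenario described above, as an added example that is not part of the original article: a constructed in-memory user store holds PBKDF2 password hashes, a successful match yields a GenericIdentity wrapped in a GenericPrincipal with roles, and a failed match yields an unauthenticated identity. The user name, password and role names are made up for the demonstration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Threading;

class UserRecord { public byte[] Salt, Hash; public string[] Roles; }
static class CustomLogin
{
    // Constructed in-memory "user database" (an assumption; a real program queries its own store).
    static readonly Dictionary<string, UserRecord> Users = new Dictionary<string, UserRecord>();
    // PBKDF2 (Rfc2898DeriveBytes) so the store never holds the plaintext password.
    static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, 100000)) return kdf.GetBytes(32);
    }
    // Compares every byte so the timing does not reveal where the first mismatch is.
    static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
    public static void AddUser(string name, string password, params string[] roles)
    {
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        Users[name] = new UserRecord { Salt = salt, Hash = Derive(password, salt), Roles = roles };
    }
    // Returns an authenticated GenericPrincipal on success and an anonymous one otherwise.
    public static IPrincipal Authenticate(string name, string password)
    {
        UserRecord rec;
        if (Users.TryGetValue(name, out rec) && FixedTimeEquals(Derive(password, rec.Salt), rec.Hash))
            return new GenericPrincipal(new GenericIdentity(name, "CustomDatabase"), rec.Roles);
        // An empty name makes GenericIdentity.IsAuthenticated false, and no roles are granted.
        return new GenericPrincipal(new GenericIdentity(""), new string[0]);
    }
    static void Main()
    {
        AddUser("alice", "correct horse battery staple", "Manager", "User");
        foreach (var pw in new[] { "correct horse battery staple", "wrong" })
        {
            Thread.CurrentPrincipal = Authenticate("alice", pw);   // attach the principal to the thread
            IIdentity id = Thread.CurrentPrincipal.Identity;
            Console.WriteLine("name='{0}' type='{1}' authenticated={2} manager={3}", id.Name,
                id.AuthenticationType, id.IsAuthenticated, Thread.CurrentPrincipal.IsInRole("Manager"));
        }
    }
}
```

The first iteration prints an authenticated identity of type CustomDatabase that is in the Manager role; the second prints an empty, unauthenticated identity with no roles.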

WindowsIdentity class

As a class that implements the IIdentity interface, the WindowsIdentity class is used primarily to represent users who have successfully logged on to Windows. Let's look at the constructors, properties, and methods of the WindowsIdentity class in turn.

The constructors take an IntPtr argument, so let's first look at this data type. IntPtr is typically used to represent platform-dependent values such as a memory pointer or a handle. In our case, the IntPtr parameter represents a Win32 handle to a Windows user's access token. Such a token is typically obtained by calling the unmanaged Win32 API.


public WindowsIdentity(IntPtr userToken);
public WindowsIdentity(IntPtr userToken, string authType);
public WindowsIdentity(IntPtr userToken, string authType, WindowsAccountType acctType);
public WindowsIdentity(IntPtr userToken, string authType, WindowsAccountType acctType, bool isAuthenticated);

Every constructor takes the same IntPtr parameter, followed by parameters that supply additional information: the authentication type, the Windows account type, and the authentication status. Note that the WindowsAccountType parameter must be one of the following enumeration values: Anonymous, Guest, Normal, System.

The WindowsIdentity class naturally has the three read-only properties of the IIdentity interface: AuthenticationType, IsAuthenticated, and Name. In addition, it has three properties of its own, IsAnonymous, IsGuest, and IsSystem, which help to determine what kind of account the user has.

Now let's look at the methods of the WindowsIdentity class. Apart from the methods inherited from Object, the WindowsIdentity class has three methods: GetAnonymous, GetCurrent, and Impersonate.

1. The GetAnonymous method returns a WindowsIdentity object representing an anonymous user.

2. The GetCurrent method returns a WindowsIdentity object representing the current user.

3. The Impersonate method lets your code temporarily impersonate a user.

Both GetAnonymous and GetCurrent return a WindowsIdentity object and are easy to use. The Impersonate method deserves more attention: it has two versions, an instance version and a static version. The instance version takes no arguments and returns a WindowsImpersonationContext object based on the WindowsIdentity object on which it is called (the WindowsImpersonationContext object represents the Windows user context in effect before the impersonation, so that it can be restored); the static version requires an IntPtr parameter. Impersonation is useful for server programs: a server can reduce the access rights of the user account under which its work runs, which improves security to some extent. The specific syntax of these methods follows:


public static WindowsIdentity GetAnonymous();
public static WindowsIdentity GetCurrent();
public virtual WindowsImpersonationContext Impersonate();
public static WindowsImpersonationContext Impersonate(IntPtr userToken);
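The WindowsIdentity constructor, properties and instance Impersonate method described above, as an added example that is not part of the original article (it uses the .NET Framework API shown on this page; the Win32 LogonUser call obtains the token, as the text says). The worker account name and password are placeholders that real code would read from protected configuration.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security.Principal;

static class ImpersonationDemo
{
    // P/Invoke declarations for the unmanaged Win32 calls that create and release a user token.
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
                                 int logonType, int logonProvider, out IntPtr token);
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool CloseHandle(IntPtr handle);
    const int LOGON32_LOGON_INTERACTIVE = 2, LOGON32_PROVIDER_DEFAULT = 0;

    // Reports the IIdentity properties plus the three WindowsIdentity-specific ones from the text.
    static string Describe(WindowsIdentity id)
    {
        return string.Format("{0} type={1} authenticated={2} anonymous={3} guest={4} system={5}",
            id.Name, id.AuthenticationType, id.IsAuthenticated, id.IsAnonymous, id.IsGuest, id.IsSystem);
    }

    static void Main()
    {
        // Placeholder worker account; real code reads these values from protected configuration.
        string user = "svc_worker", domain = ".", password = "<placeholder>";
        Console.WriteLine("Before: " + Describe(WindowsIdentity.GetCurrent()));

        IntPtr token;
        if (!LogonUser(user, domain, password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, out token))
        {
            Console.WriteLine("LogonUser failed, Win32 error " + Marshal.GetLastWin32Error());
            return;
        }
        try
        {
            // Impersonate only for the scope that needs the less privileged account.
            using (WindowsImpersonationContext ctx = new WindowsIdentity(token).Impersonate())
            {
                Console.WriteLine("During: " + Describe(WindowsIdentity.GetCurrent()));
                // Work that must run as the worker account goes here.
            }   // Dispose calls Undo(), restoring the original identity
        }
        finally
        {
            CloseHandle(token);   // the token is an unmanaged handle and must be released explicitly
        }
        Console.WriteLine("After: " + Describe(WindowsIdentity.GetCurrent()));
    }
}
```

The "During" line shows the worker account because GetCurrent reads the thread's impersonation token, and the "After" line matches "Before" once the context has been undone.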