You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
112 lines
3.5 KiB
112 lines
3.5 KiB
//+---------------------------------------------------------------------------
|
|
//
|
|
// Copyright (C) 1996, Microsoft Corporation
|
|
//
|
|
// File: secident.hxx
|
|
//
|
|
// Contents: Security identity, to determine if two requests are on
|
|
// behalf of the same authenticated ID.
|
|
//
|
|
// Class: CSecurityIdentity
|
|
//
|
|
// History: 23 Jan 96 Alanw Created
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
#pragma once
|
|
|
|
//+---------------------------------------------------------------------------
|
|
//
|
|
// Class: CSecurityIdentity
|
|
//
|
|
// Purpose: Identify the client of a query for query caching.
|
|
//
|
|
// History: 23 Jan 1996 AlanW Created
|
|
//
|
|
// Notes: The token's ModifiedId is used to correlate tokens with
|
|
// the same SIDs and Privileges. The ModifiedId is changed
|
|
// any time a token is changed. On a server, the privileges
|
|
// are not modified, so the ModifiedId doesn't change typically.
|
|
//
|
|
// The ModifiedId is a LUID, so it's very convenient for
|
|
// comparisons.
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
class CSecurityIdentity
|
|
{
|
|
public:
|
|
inline CSecurityIdentity();
|
|
CSecurityIdentity( CSecurityIdentity const & securityIdentity )
|
|
{
|
|
_TokenModifiedId = securityIdentity._TokenModifiedId;
|
|
}
|
|
|
|
void SetSecurityToken( CSecurityIdentity const & securityIdentity )
|
|
{
|
|
_TokenModifiedId = securityIdentity._TokenModifiedId;
|
|
}
|
|
|
|
inline BOOL IsEqual( CSecurityIdentity const & Other ) const;
|
|
|
|
private:
|
|
|
|
LUID _TokenModifiedId; // the token ID
|
|
};
|
|
|
|
|
|
//+---------------------------------------------------------------------------
|
|
//----------------------------------------------------------------------------
|
|
HANDLE GetSecurityToken(TOKEN_STATISTICS & TokenInformation);
|
|
|
|
//+---------------------------------------------------------------------------
|
|
//
|
|
// Method: CSecurityIdentity::CSecurityIdentity, public
|
|
//
|
|
// Synopsis: Constructor of a CSecurityIdentity. Get information
|
|
// from a token to identify the client.
|
|
//
|
|
// Arguments: - none -
|
|
//
|
|
// History: 25 Jan 96 Alanw Created
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
inline CSecurityIdentity::CSecurityIdentity()
|
|
{
|
|
_TokenModifiedId.LowPart = 0;
|
|
_TokenModifiedId.HighPart = 0;
|
|
|
|
TOKEN_STATISTICS TokenInformation;
|
|
HANDLE hToken = GetSecurityToken(TokenInformation);
|
|
CloseHandle( hToken );
|
|
|
|
_TokenModifiedId = TokenInformation.ModifiedId;
|
|
}
|
|
|
|
//+---------------------------------------------------------------------------
|
|
//
|
|
// Method: CSecurityIdentity::IsEqual, public
|
|
//
|
|
// Synopsis: Test for equality.
|
|
//
|
|
// Arguments: [Other] -- Token to compare
|
|
//
|
|
// Returns: TRUE if tokens are equal
|
|
//
|
|
// History: 25 Jan 96 Alanw Created
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
inline BOOL CSecurityIdentity::IsEqual( CSecurityIdentity const & Other ) const
|
|
{
|
|
//
|
|
// Note: The cast to int64 works *only* for equality!
|
|
//
|
|
|
|
Win4Assert( sizeof( _TokenModifiedId ) == sizeof( LARGE_INTEGER ) );
|
|
|
|
return ( ((UNALIGNED LARGE_INTEGER *)&_TokenModifiedId)->QuadPart ==
|
|
((UNALIGNED LARGE_INTEGER *)&Other._TokenModifiedId)->QuadPart);
|
|
}
|
|
|