How to get sender's WindowsIdentity from recieved msmq message?

845 Views Asked by Stan B At 04 April 2025 at 05:51

I use msmq as a transport and a Security Appplication Block with Authorization Rule Provider for operation's authorization. I need WindowsPrincipal and not GenericPrincipal because rules granted to active directory user's groups and not to specific users. Message.SenderId can be converted to SecurityIdentifier but I did not find how to get WindowsIdentity from it.

void AuthorizeOperation(Message message)
{
   // get sender windows principal
   WindowsPrincipal principal = ... ???

   // extract operation name from message body
   string operation = ... 

   AuthorizationFactory.GetAuthorizationProvider().Authorize(principal, operation);
}

Original Q&A

There are 1 best solutions below

Stan B On 01 November 2011 at 09:20

I have found a workaround but not sure that it is a right solution. Instead of WindowsPrincipal I create a GenericPrincipal and inject user's authorization groups recieved from active directory.

var sid = new SecurityIdentifier(message.SenderId, 0);
var user = UserPrincipal.FindByIdentity(new PrincipalContext(ContextType.Domain), IdentityType.Sid, sid);
var principal = new GenericPrincipal(
                   new GenericIdentity(user.SamAccountName),
                   user.GetAuthorizationGroups().Select(g => g.SamAccountName).ToArray());
bool authorized = AuthorizationFactory.GetAuthorizationProvider().Authorize(principal, operation);

How to get sender's WindowsIdentity from recieved msmq message?

There are 1 best solutions below

Related Questions in C#

Related Questions in SECURITY

Related Questions in MSMQ

Related Questions in WINDOWS-IDENTITY

Trending Questions

Popular # Hahtags

Popular Questions