113 lines
3.3 KiB
C++
113 lines
3.3 KiB
C++
|
//+---------------------------------------------------------------------------
|
||
|
//
|
||
|
// Copyright (C) 1996, Microsoft Corporation
|
||
|
//
|
||
|
// File: secident.hxx
|
||
|
//
|
||
|
// Contents: Security identity, to determine if two requests are on
|
||
|
// behalf of the same authenticated ID.
|
||
|
//
|
||
|
// Class: CSecurityIdentity
|
||
|
//
|
||
|
// History: 23 Jan 96 Alanw Created
|
||
|
//
|
||
|
//----------------------------------------------------------------------------
|
||
|
|
||
|
#pragma once
|
||
|
|
||
|
//+---------------------------------------------------------------------------
|
||
|
//
|
||
|
// Class: CSecurityIdentity
|
||
|
//
|
||
|
// Purpose: Identify the client of a query for query caching.
|
||
|
//
|
||
|
// History: 23 Jan 1996 AlanW Created
|
||
|
//
|
||
|
// Notes: The token's ModifiedId is used to correlate tokens with
|
||
|
// the same SIDs and Privileges. The ModifiedId is changed
|
||
|
// any time a token is changed. On a server, the privileges
|
||
|
// are not modified, so the ModifiedId doesn't change typically.
|
||
|
//
|
||
|
// The ModifiedId is a LUID, so it's very convenient for
|
||
|
// comparisons.
|
||
|
//
|
||
|
//----------------------------------------------------------------------------
|
||
|
|
||
|
class CSecurityIdentity
|
||
|
{
|
||
|
public:
|
||
|
inline CSecurityIdentity();
|
||
|
CSecurityIdentity( CSecurityIdentity const & securityIdentity )
|
||
|
{
|
||
|
_TokenModifiedId = securityIdentity._TokenModifiedId;
|
||
|
}
|
||
|
|
||
|
void SetSecurityToken( CSecurityIdentity const & securityIdentity )
|
||
|
{
|
||
|
_TokenModifiedId = securityIdentity._TokenModifiedId;
|
||
|
}
|
||
|
|
||
|
inline BOOL IsEqual( CSecurityIdentity const & Other ) const;
|
||
|
|
||
|
private:
|
||
|
|
||
|
LUID _TokenModifiedId; // the token ID
|
||
|
};
|
||
|
|
||
|
|
||
|
//+---------------------------------------------------------------------------
|
||
|
//----------------------------------------------------------------------------
|
||
|
HANDLE GetSecurityToken(TOKEN_STATISTICS & TokenInformation);
|
||
|
|
||
|
//+---------------------------------------------------------------------------
|
||
|
//
|
||
|
// Method: CSecurityIdentity::CSecurityIdentity, public
|
||
|
//
|
||
|
// Synopsis: Constructor of a CSecurityIdentity. Get information
|
||
|
// from a token to identify the client.
|
||
|
//
|
||
|
// Arguments: - none -
|
||
|
//
|
||
|
// History: 25 Jan 96 Alanw Created
|
||
|
//
|
||
|
//----------------------------------------------------------------------------
|
||
|
|
||
|
inline CSecurityIdentity::CSecurityIdentity()
|
||
|
{
|
||
|
_TokenModifiedId.LowPart = 0;
|
||
|
_TokenModifiedId.HighPart = 0;
|
||
|
|
||
|
TOKEN_STATISTICS TokenInformation;
|
||
|
HANDLE hToken = GetSecurityToken(TokenInformation);
|
||
|
CloseHandle( hToken );
|
||
|
|
||
|
_TokenModifiedId = TokenInformation.ModifiedId;
|
||
|
}
|
||
|
|
||
|
//+---------------------------------------------------------------------------
|
||
|
//
|
||
|
// Method: CSecurityIdentity::IsEqual, public
|
||
|
//
|
||
|
// Synopsis: Test for equality.
|
||
|
//
|
||
|
// Arguments: [Other] -- Token to compare
|
||
|
//
|
||
|
// Returns: TRUE if tokens are equal
|
||
|
//
|
||
|
// History: 25 Jan 96 Alanw Created
|
||
|
//
|
||
|
//----------------------------------------------------------------------------
|
||
|
|
||
|
inline BOOL CSecurityIdentity::IsEqual( CSecurityIdentity const & Other ) const
|
||
|
{
|
||
|
//
|
||
|
// Note: The cast to int64 works *only* for equality!
|
||
|
//
|
||
|
|
||
|
Win4Assert( sizeof( _TokenModifiedId ) == sizeof( LARGE_INTEGER ) );
|
||
|
|
||
|
return ( ((UNALIGNED LARGE_INTEGER *)&_TokenModifiedId)->QuadPart ==
|
||
|
((UNALIGNED LARGE_INTEGER *)&Other._TokenModifiedId)->QuadPart);
|
||
|
}
|
||
|
|