Last post Mar 20, 2013 08:42 AM by mm10
Mar 19, 2013 09:21 PM | AndyW2009
I have a managed Windows service (C# .NET 4) that is using Transport Security Mode with TransportCredentialType.Windows.
All is working fine; however, I want to be able to check the credential that is passed to see if it is a member of a specific Active Directory security group.
I figure that I need to write a custom WindowsSecurityTokenAuthenticator or something like that, or I need to write some other Authorization routine.
Does anyone have an example of how to do either of these?
Edit: Sorry, I forgot to add, needs to be done in code as there is no config file.
Mar 20, 2013 08:41 AM | kushalrdalal
Please check this -
Mar 20, 2013 08:42 AM | mm10
If your service is using Windows authentication you should be able to evaluate the WindowsIdentity.Groups property of the current security context:
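WindowsIdentity caller = ServiceSecurityContext.Current.WindowsIdentity;
List<string> groups = new List<string>();
foreach (var group in caller.Groups)
{
    groups.Add(group.Translate(typeof(NTAccount)).ToString()); // assumed loop body (the snippet is cut off here): SID -> DOMAIN\Group
}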
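An added example, not part of any post in this thread: one way to enforce the group check for every call, configured entirely in code, is a `ServiceAuthorizationManager` that compares the caller's Windows token against the group's SID. The names `GroupAuthorizationManager`, `IMyService`, `MyService`, `HostSetup`, the group `CONTOSO\ServiceUsers`, the address, and the choice of `NetTcpBinding` are assumptions for illustration.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;

// Hypothetical contract and service, only here so the example is self-contained.
[ServiceContract] public interface IMyService { [OperationContract] string Ping(); }
public class MyService : IMyService { public string Ping() { return "pong"; } }

// Rejects every call whose caller is not in the required Windows/AD group.
public sealed class GroupAuthorizationManager : ServiceAuthorizationManager
{
    private readonly SecurityIdentifier _requiredGroup;

    public GroupAuthorizationManager(string groupName)
    {
        // Resolve the name to a SID once at startup; throws if the group cannot be resolved,
        // so a misspelled group name fails at host creation rather than on the first call.
        _requiredGroup = (SecurityIdentifier)new NTAccount(groupName).Translate(typeof(SecurityIdentifier));
    }

    protected override bool CheckAccessCore(OperationContext operationContext)
    {
        ServiceSecurityContext ctx = operationContext.ServiceSecurityContext;
        if (ctx == null || ctx.IsAnonymous) return false;          // no authenticated caller: deny

        WindowsIdentity caller = ctx.WindowsIdentity;
        if (caller == null || !caller.IsAuthenticated) return false;

        // Compare by SID against the caller's token instead of matching translated group names.
        return new WindowsPrincipal(caller).IsInRole(_requiredGroup);
    }
}

public static class HostSetup
{
    public static ServiceHost Create()
    {
        var host = new ServiceHost(typeof(MyService), new Uri("net.tcp://localhost:9000/svc")); // assumed address
        var binding = new NetTcpBinding(SecurityMode.Transport);                               // assumed binding
        binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;
        host.AddServiceEndpoint(typeof(IMyService), binding, "");

        // Must be assigned before host.Open(); no config file is involved.
        host.Authorization.ServiceAuthorizationManager = new GroupAuthorizationManager(@"CONTOSO\ServiceUsers");
        return host;
    }
}
```

When `CheckAccessCore` returns false, WCF refuses the call with an access-denied fault before the operation runs, so the service methods themselves need no per-method group check.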