//
// Note that method will demand PrincipalControlPermission
// which essentially means demanding full trust
//
internal IIdentity GetIdentity()
{
CheckThrow(true);
IIdentity result = null;
string name = _Context.IsServer? _Context.AssociatedName: _Context.Spn;
string protocol = "NTLM";
protocol = _Context.ProtocolName;
if (_Context.IsServer)
{
SafeCloseHandle token = null;
try {
token = _Context.GetContextToken();
string authtype = _Context.ProtocolName;
result = new WindowsIdentity(token.DangerousGetHandle(), authtype, WindowsAccountType.Normal, true);
return(result);
}
catch (SecurityException) {
//ignore and construct generic Identity if failed due to security problem
}
finally {
if (token != null)
{
token.Close();
}
}
}
// on the client we don't have access to the remote side identity.
result = new GenericIdentity(name, protocol);
return(result);
}
internal IIdentity GetIdentity()
{
CheckThrow(true);
IIdentity result = null;
string name = _context.IsServer ? _context.AssociatedName : _context.Spn;
string protocol = "NTLM";
protocol = _context.ProtocolName;
if (_context.IsServer)
{
SecurityContextTokenHandle token = null;
try
{
token = _context.GetContextToken();
string authtype = _context.ProtocolName;
// TODO #5241:
// The following call was also specifying WindowsAccountType.Normal, true.
// WindowsIdentity.IsAuthenticated is no longer supported in CoreFX.
result = new WindowsIdentity(token.DangerousGetHandle(), authtype);
return(result);
}
catch (SecurityException)
{
// Ignore and construct generic Identity if failed due to security problem.
}
finally
{
if (token != null)
{
token.Dispose();
}
}
}
// On the client we don't have access to the remote side identity.
result = new GenericIdentity(name, protocol);
return(result);
}