prerequisite详细信息

工作在.NET 2.0。 的code是在可能与ASP.Net，Windows窗体或控制台应用程序调用一个公共库。 在公司网络上运行的Windows域。

问题

什么是获取当前用户的SID的最好方法是什么？我不是在谈论正在执行应用程序的身份，但用户谁正在访问的接口。在后台的应用程序和基于桌面应用程序，这应该是身份的实际执行应用程序，但是在ASP.Net（不impersionation），这应该是HttpContext.Current.User SID。

当前方法

这是我有现在。这似乎只是......错了。这是讨厌。有没有更好的方式来做到这一点，或者一些内置的是会为你的类？

 公共静态的SecurityIdentifier SID
{
    得到
    {
        的WindowsIdentity同一性=无效;

        如果（HttpContext.Current == NULL）
        {
            同一性= WindowsIdentity.GetCurrent（）;
        }
        其他
        {
            身份= HttpContext.Current.User.Identity为的WindowsIdentity;
        }

        返回identity.User;
    }
}
 

解决方案

我不认为这是在得到这个信息的更好方法 - you've必须让在某种程度上的WindowsPrincipal和.NET的，而干净的API抽象的用户对象后面。我只是离开这个不错，裹在方法和收工了。

好了，好了，有一件事你应该做的（除非你的网站用户的总是的将是的WindowsIdentity），这将是检查null的身份，并根据什么规则，你处理这件事有。

Prerequisite Detail

Working in .NET 2.0. The code is in a common library that could be called from ASP.Net, Windows Forms, or a Console application. Running in a Windows Domain on a corporate network.

The Question

What is the best way to get the current user's SID? I'm not talking about the identity that is executing the application, but the user who is accessing the interface. In background applications and desktop based applications this should be the identity actually executing the application, but in ASP.Net (without impersionation) this should be the HttpContext.Current.User SID.

The Current Method

This is what I've got right now. It just seems... wrong. It's nasty. Is there a better way to do this, or some built in class that does it for you?

public static SecurityIdentifier SID
{
    get
    {
        WindowsIdentity identity = null;

        if (HttpContext.Current == null)
        {
            identity = WindowsIdentity.GetCurrent();
        }
        else
        {
            identity = HttpContext.Current.User.Identity as WindowsIdentity;
        }

        return identity.User;
    }
}

解决方案

I don't think there is a better way at getting at this info--you've got to get at the WindowsPrincipal somehow and .NET's rather clean API abstracts that behind the User object. I'd just leave this nice and wrapped up in a method and call it a day.

Well, ok, there is one thing you should do (unless your web users are always going to be WindowsIdentity), which would be to check for null identity and handle it according to whatever rules you have.