JWSCL Documentation
IJwBase Methods
 
Name 
Description 
 
.$IFNDEF DELPHI2009_UP 
 
This is GetHashCode, a member of class IJwBase. 
 
This is ToString, a member of class IJwBase. 
TJwSecurityToken Class
 
Name 
Description 
 
CheckTokenMembership checks whether a given SID is a member of the token. It returns true if the SID could be found in the list, ignoring whether the SID is enabled or not; otherwise it returns false. 
 
ConvertToImpersonatedToken converts the token into an impersonated token. For this purpose the token will be converted and the old TokenHandle will be closed. The impersonated token will be the new TokenHandle. It does nothing if the token is already impersonated. The token instance must be opened with TOKEN_DUPLICATE access right.
Actually you can impersonate a shared token. The impersonated token will be copied into the instance property TokenHandle. The old handle will not be closed if Share is set to true. You must save the old value to close it yourself.
Because the old handle is discarded... more 
 
ConvertToPrimaryToken converts the token into a primary (or process) token. It does nothing if the token is already a primary token. The token instance must be opened with TOKEN_DUPLICATE access right.
Actually you can impersonate a shared token. The primary token will be copied into the instance property TokenHandle. The old handle will not be closed if Share is set to true. You must save the old value to close it yourself.
Because the old handle is discarded, you must call these functions again: GetTokenPrivileges
ConvertToPrimaryToken needs the following access rights:
  • TOKEN_QUERY
  • READ_CONTROL
  • TOKEN_DUPLICATE
You can use... more 
 
CopyLUID copies a LUID and returns it 
 
Create_OBJECT_ATTRIBUTES creates and initialises an OBJECT_ATTRIBUTES structure. Some members need space on the heap, so Free_OBJECT_ATTRIBUTES must be called to free the structure. 
 
CreateDuplicateToken duplicates the instance AND token.
As the token type and impersonation level the current values of the instance are used.
 
 
overridden basic methods 
 
Free_OBJECT_ATTRIBUTES removes memory allocated by the members which were created by Create_OBJECT_ATTRIBUTES 
 
GetCurrentUserRegKey opens a registry key HKEY_CURRENT_USER of the current thread token. Use it instead of directly accessing HKEY_CURRENT_USER if you want to access the user registry of an impersonated user.
 
 
This is GetElevationType, a member of class TJwSecurityToken. 
 
This is GetHashCode, a member of class TJwSecurityToken. 
 
see property ImpersonationLevel 
 
This is GetIntegrityLevel, a member of class TJwSecurityToken. 
 
This is GetIntegrityLevelType, a member of class TJwSecurityToken. 
 
This is GetLinkedToken, a member of class TJwSecurityToken. 
 
This is GetMandatoryPolicy, a member of class TJwSecurityToken. 
 
TOKEN_ADJUST_DEFAULT 
 
This is GetPrivilegeAvailable, a member of class TJwSecurityToken. 
 
SE_TCB_NAME 
 
This is GetRunElevation, a member of class TJwSecurityToken. 
 
GetSecurityDescriptor gets the security descriptor. The caller is responsible for freeing the returned instance. See TJwSecureGeneralObject.GetSecurityInfo for more information about exceptions.
 
 
GetThreadToken returns the token of the current thread or nil if none exists. See CreateTokenByThread for more information.  
 
This is GetTokenDefaultDacl, a member of class TJwSecurityToken. 
 
This is GetTokenGroups, a member of class TJwSecurityToken. 
 
This is GetTokenGroupsAttributesInt, a member of class TJwSecurityToken. 
 
This is GetTokenGroupsAttributesSid, a member of class TJwSecurityToken. 
 
This is GetTokenGroupsEx, a member of class TJwSecurityToken. 
 
GetTokenInformation returns a buffer filled with token information.  
 
GetTokenInformationLength returns the needed memory for a token information.  
 
TOKEN_ADJUST_DEFAULT 
 
SE_TCB_NAME 
 
GetTokenPrivileges creates an instance of TJwPrivilegeSet with all defined privileges of this token. The privilege set is a read-only copy. You should prefer this function if you want to make more changes.
Every time you call this function, the resulting TJwPrivilegeSet instance is saved into an internal list that is cleared when the token instance is freed. Be aware that your pointers to these privilege instances are invalid afterwards. However, you can free the result yourself. In that case the privileges instance will be removed from the internal list. 
 
This is GetTokenPrivilegesEx, a member of class TJwSecurityToken. 
 
This is GetTokenRestrictedSids, a member of class TJwSecurityToken. 
 
TOKEN_ADJUST_DEFAULT 
 
This is the overview for the GetTokenSource method overload. 
 
GetTokenStatistics gets token information in a class called TJwSecurityTokenStatistics. The programmer must free the class TJwSecurityTokenStatistics. 
 
see TokenType 
 
This is GetTokenUser, a member of class TJwSecurityToken. 
 
GetTokenUserName returns the username of the token user. 
 
This is GetUserName, a member of class TJwSecurityToken. 
 
This is GetVirtualizationAllowed, a member of class TJwSecurityToken. 
 
This is GetVirtualizationEnabled, a member of class TJwSecurityToken. 
 
HasThreadAToken returns whether the current thread has a token or not.  
 
see equivalent msdn function for more information 
 
The ImpersonateLoggedOnUser function lets the calling thread impersonate the security context of a logged-on user. The user is represented by a token handle. If the current instance is already a thread token (=impersonated token), the method is just impersonating it. Otherwise if the current instance is a primary token, the method is converting it to a thread token and then impersonating it. However the second case is worth mentioning because the new thread token is not related to the current token instance. That means any operations on the current instance (e.g. set privileges) don't have an effect on the token... more 
 
see equivalent msdn function for more information 
 
see equivalent msdn function for more information 
 
IsEqual compares the token instance with a second one. This function loads a function from ntdll.dll dynamically. This function is only available on XP or better  
 
This is IsTokenType, a member of class TJwSecurityToken. 
 
LoadUserProfile loads the user profile of the current token instance. It also uses the roaming profile if possible.
 
 
This is the overview for the PrivilegeCheck method overload. 
 
PrivilegeCheckEx works like PrivilegeCheck. However, this function uses the WinAPI call PrivilegeCheck. The property Privilege_Used_For_Access in TJwPrivilege is not supported. 
 
PrivilegedServiceAuditAlarm function generates an audit message in the security event log. For detailed information see MSDN: http://msdn2.microsoft.com/en-gb/library/aa379305.aspx
If you want to enable audit functions, the calling process (not thread token!) needs the SeAuditPrivilege privilege. By default only services have this privilege. However, it can be enabled in the group policy editor "gpedit.msc" (under XP): Computer configuration -> Windows settings -> security settings -> local policies -> audit policy, enable (success/failure) policy: audit privilege. The parameter AccessGranted is linked with the type of policy: success or failure. (http://www.nemesisblue.info/images%5Cgpedit1.gif)
The audit event can be seen in the... more 
 
RemoveThreadToken removes the token from the thread.  
 
This is RetrieveSpecificAccessRights, a member of class TJwSecurityToken. 
 
see equivalent msdn function for more information 
 
This is the overview for the SaferComputeTokenFromLevel method overload. 
 
This is the overview for the SetIntegrityLevel method overload. 
 
This is SetIntegrityLevelType, a member of class TJwSecurityToken. 
 
This is SetPrimaryGroup, a member of class TJwSecurityToken. 
 
This is SetPrivilegeEnabled, a member of class TJwSecurityToken. 
 
SetSecurityDescriptor sets the security descriptor. See TJwSecureGeneralObject.SetSecurityInfo for more information about exceptions. Warning: Changing the security descriptor's security information can lead to security holes.
 
 
SetThreadToken sets the thread token.  
 
This is SetTokenDefaultDacl, a member of class TJwSecurityToken. 
 
This is SetTokenGroups, a member of class TJwSecurityToken. 
 
This is SetTokenGroupsAttributesInt, a member of class TJwSecurityToken. 
 
This is SetTokenGroupsAttributesSid, a member of class TJwSecurityToken. 
 
This is SetTokenOrigin, a member of class TJwSecurityToken. 
 
This is SetTokenOwner, a member of class TJwSecurityToken. 
 
This is SetTokenSessionId, a member of class TJwSecurityToken. 
 
This is ToString, a member of class TJwSecurityToken. 
 
UnLoadUserProfile unloads a user profile loaded by LoadUserProfile. Member ProfileInfo.Profile will be set to INVALID_HANDLE_VALUE.  
Copyright (c) 2010. All rights reserved.