You can use GenericIdentity as a concrete implementation of Identity where you want to supply the details yourself, programmatically, about the current user. Pretty good if you have identified and authenticated the user yourself, through other channels.

您可以使用 GenericIdentity 作为 Identity 的具体实现，您希望自己以编程方式提供有关当前用户的详细信息。如果您自己通过其他渠道识别和验证了用户，那就太好了。

Check out

查看

http://msdn.microsoft.com/en-us/library/system.security.principal.genericidentity.aspx

http://msdn.microsoft.com/en-us/library/system.security.principal.genericidentity.aspx

You will find some examples up there. It represents a generic user.

你会在上面找到一些例子。它代表一个通用用户。

Authentication and profile perissions.

身份验证和配置文件权限。

GenericIdentityand GenericPrincipalare the simplest way of describing a user as a "principal". This can be used for implementation-unaware security checking in an application - i.e. if the user logs in as "Fred" with the "User" and "Admin" permissions:

GenericIdentity并且GenericPrincipal是将用户描述为“委托人”的最简单方式。这可用于在应用程序中进行无实现的安全检查——即，如果用户以具有“用户”和“管理员”权限的“Fred”身份登录：

    string[] roles = { "User", "Admin" };
    Thread.CurrentPrincipal = new GenericPrincipal(
        new GenericIdentity("Fred"), roles);

You might do this at the point of client login to a winform, or there are specific points to do this in WCF, ASP.NET, etc.

您可以在客户端登录到 winform 时执行此操作，或者在 WCF、ASP.NET 等中有特定点可以执行此操作。

Then later code, without having to know howthose permissions are handled, can check that permission - either via IsInRole, or declaratively:

之后的代码无需知道这些权限是如何处理的，就可以检查该权限 - 通过IsInRole或声明式：

[PrincipalPermission(SecurityAction.Demand, Role = "Admin")]
void SomeAdminFunction() { }

Some useful utility code here is null-safe wrappers around principal/identity:

这里一些有用的实用程序代码是围绕主体/身份的空安全包装器：

public static string GetUsername() {
    IPrincipal principal = Thread.CurrentPrincipal;
    IIdentity identity = principal == null ? null : principal.Identity;
    return identity == null ? null : identity.Name;
}
public static bool IsInRole(string role) {
    IPrincipal principal = Thread.CurrentPrincipal;
    return principal == null ? false : principal.IsInRole(role);
}

Then you might have some audit code in your DAL:

那么你的 DAL 中可能有一些审计代码：

row.UpdatedBy = MyUtilityClass.GetUsername();

GenericPrincipalis useful for the simple cases of a plain username and set of known roles. More sophisticated principal implementations might, for example, do "on demand" access checking - i.e. until you ask for the "Foo" role it doesn't know - it then finds out (by talking to a web-service, database, active-directory, etc) and caches the result for future access. This is useful when the list of potential roles is large, and the number of roles typically queried in realityis small.

GenericPrincipal对于普通用户名和已知角色集的简单情况很有用。例如，更复杂的主体实现可能会进行“按需”访问检查 - 即，直到您请求它不知道的“Foo”角色 - 然后它会发现（通过与 Web 服务、数据库、主动-目录等）并缓存结果以供将来访问。当潜在角色列表很大，而现实中通常查询的角色数量很少时，这很有用。

You can also use a principal to store extra identity information that is only needed in certain contexts - for example, a security token. Callers might test the principal with asto see if it supports the extra data.

您还可以使用主体来存储仅在某些上下文中需要的额外身份信息 - 例如，安全令牌。调用者可能会测试主体as以查看它是否支持额外的数据。

Using "principal" is useful because your logic processing code can talk about identity, without having to know whether this is winforms, ASP.NET, WCF, a windows service, etc - it is abstract. Additionally, some 3rd party code will also talk to the principal.

使用“principal”很有用，因为您的逻辑处理代码可以谈论身份，而不必知道这是否是 winforms、ASP.NET、WCF、Windows 服务等 - 它是抽象的。此外，一些 3rd 方代码也会与校长交谈。

As another example - I wrote some example code herethat shows how to use the principal to control access to winform controls via the designer (via an IExtenderProvider- which puts extra entries into the property grid in VS).

作为另一个例子 - 我在这里写了一些示例代码，展示了如何使用主体来通过设计器控制对 winform 控件的访问（通过IExtenderProvider- 将额外的条目放入 VS 的属性网格中）。

GenericIdentity Class:- The GenericIdentity class implements the IIdentity interface. It represents the identity of the user based on a custom authentication method defined by the application. GenericPrincipal class:- The GenericPrincipal class implements the IPrincipal interface. It represents users and roles that exist independent of Windows users and their roles. Essentially, the generic principal is a simple solution for application authentication and authorization.

GenericIdentity 类：- GenericIdentity 类实现了 IIdentity 接口。它表示基于应用程序定义的自定义身份验证方法的用户身份。GenericPrincipal 类：- GenericPrincipal 类实现 IPrincipal 接口。它代表独立于 Windows 用户及其角色而存在的用户和角色。本质上，通用主体是用于应用程序身份验证和授权的简单解决方案。