Share via


IHostSecurityManager Interface

Provides methods that allow access to and control over the security context of the currently executing thread.

interface IHostSecurityManager : IUnknown {
    HRESULT GetSecurityContext (
        [in]  EContextType eContextType, 
        [out] IHostSecurityContext** ppSecurityContext
    );
    HRESULT ImpersonateLoggedOnUser (
        [in]  HANDLE hToken
    );
    HRESULT OpenThreadToken (
        [in]  DWORD   dwDesiredAccess, 
        [in]  BOOL    bOpenAsSelf, 
        [out] HANDLE  *phThreadToken
    );
    HRESULT RevertToSelf ();
    HRESULT SetSecurityContext (
        [in]  EContextType eContextType, 
        [in]  IHostSecurityContext* pSecurityContext
    );
    HRESULT SetThreadToken (
        [in]  HANDLE hToken
    );
};

Methods

Method

Description

IHostSecurityManager::GetSecurityContext Method

Gets the requested IHostSecurityContext from the host.

IHostSecurityManager::ImpersonateLoggedOnUser Method

Requests that code be executed using the credentials of the current user identity.

IHostSecurityManager::OpenThreadToken Method

Opens the discretionary access token associated with the current thread.

IHostSecurityManager::RevertToSelf Method

Terminates impersonation of the current user identity and returns the original thread token.

IHostSecurityManager::SetSecurityContext Method

Sets the security context for the currently executing thread.

IHostSecurityManager::SetThreadToken Method

Sets a handle for the currently executing thread.

Remarks

A host can control all code access to thread tokens by both the common language runtime (CLR) and user code. It can also ensure that complete security context information is passed across asynchronous operations or code points with restricted code access. IHostSecurityContext encapsulates this security context information, which is opaque to the CLR.

The CLR handles managed thread context internally. It queries the process-specific IHostSecurityManager in the following situations:

  • On the finalizer thread, during finalizer execution.

  • During class and module constructor execution.

  • At asynchronous points on the worker thread, in calls to the IHostThreadPoolManager::QueueUserWorkItem method.

  • In servicing of I/O completion ports.

Requirements

Platforms: Windows 2000, Windows XP, Windows Server 2003 family

Header: MSCorEE.idl

Library: Included as a resource in MSCorEE.dll

.NET Framework Version: 2.0

See Also

Concepts

IHostSecurityContext Interface

Hosting Interfaces