com.jniwrapper.win32.security
Class AccessToken

java.lang.Object
  extended by com.jniwrapper.Parameter
      extended by com.jniwrapper.Pointer.Void
          extended by com.jniwrapper.win32.Handle
              extended by com.jniwrapper.win32.security.AccessToken
All Implemented Interfaces:
com.jniwrapper.IntegerParameter, com.jniwrapper.PointerParameter

public class AccessToken
extends Handle

This class helps to retrieve information about access tokens, containing the security information for a logon session. The token identifies the user, the user's groups, and the user's privileges.


Nested Class Summary
static class AccessToken.TokenInformationClass
          This class is the wrapper for the TOKEN_INFORMATION_CLASS enumeration, which contains values that specify the type of information being assigned to or retrieved from the AccessToken class.
 
Field Summary
static int TOKEN_ADJUST_DEFAULT
          Changes the default owner, primary group, or DACL of access token
static int TOKEN_ADJUST_GROUPS
          Adjusts the attributes of the groups in access token
static int TOKEN_ADJUST_PRIVILEGES
          Enables or disables the privileges in access token
static int TOKEN_ADJUST_SESSIONID
          Adjusts the session ID of access token
static int TOKEN_ASSIGN_PRIMARY
          Attaches a primary token to a process.
static int TOKEN_DUPLICATE
          Duplicates access token.
static int TOKEN_IMPERSONATE
          Attaches impersonation access token to a process
static int TOKEN_QUERY
          Queries access token
static int TOKEN_QUERY_SOURCE
          Queries the source of access token
 
Fields inherited from class com.jniwrapper.win32.Handle
INFINITE_TIMEOUT, INVALID_HANDLE_VALUE, STATUS_ABANDONED_WAIT_0, STATUS_TIMEOUT, STATUS_WAIT_0
 
Fields inherited from class com.jniwrapper.Parameter
LICENSE_TYPE, V
 
Constructor Summary
AccessToken()
          Creates a process token for the current process with ADJUST_PRIVILEGES, QUERY access.
 
Method Summary
static boolean checkTokenMembership(AccessToken accessToken, Sid sidToCheck)
          Determines whether a specified security identifier (SID) is enabled in an access token.
 boolean enablePrivelege(java.lang.String name)
          Enables the specified privilege.
 TokenGroups getTokenGroups()
          Get groups from the token.
static boolean getTokenInformation(Handle tokenHandle, AccessToken.TokenInformationClass tokenInformationClass, com.jniwrapper.Parameter tokenUserPtrVoid, com.jniwrapper.UInt32 tokenInformationLength, com.jniwrapper.Pointer returnLength)
          Retrieves a specified type of information about an access token
static boolean openProcessToken(Handle processHandle, int desiredAcces, Handle resultToken)
          Opens the access token associated with a process.
 
Methods inherited from class com.jniwrapper.win32.Handle
clone, closeHandle, equals, waitFor, waitFor
 
Methods inherited from class com.jniwrapper.Pointer.Void
asFunction, asFunction, asTypedPointer, castTo, castTo, getDebugInfo, getLength, getValue, hashCode, isNull, read, setValue, toString, write
 
Methods inherited from class com.jniwrapper.Parameter
, a, a, acceptIOPerformer, asReturnValue, b, dataBufferAssigned, getAlignedLength, getAlignmentRequirement, getDataBuffer, getDataBufferOffset, indent, pop, push, read, read, setDataBuffer, toByteArray, write
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

TOKEN_ASSIGN_PRIMARY

public static final int TOKEN_ASSIGN_PRIMARY
Attaches a primary token to a process.

See Also:
Constant Field Values

TOKEN_DUPLICATE

public static final int TOKEN_DUPLICATE
Duplicates access token.

See Also:
Constant Field Values

TOKEN_IMPERSONATE

public static final int TOKEN_IMPERSONATE
Attaches impersonation access token to a process

See Also:
Constant Field Values

TOKEN_QUERY

public static final int TOKEN_QUERY
Queries access token

See Also:
Constant Field Values

TOKEN_QUERY_SOURCE

public static final int TOKEN_QUERY_SOURCE
Queries the source of access token

See Also:
Constant Field Values

TOKEN_ADJUST_PRIVILEGES

public static final int TOKEN_ADJUST_PRIVILEGES
Enables or disables the privileges in access token

See Also:
Constant Field Values

TOKEN_ADJUST_GROUPS

public static final int TOKEN_ADJUST_GROUPS
Adjusts the attributes of the groups in access token

See Also:
Constant Field Values

TOKEN_ADJUST_DEFAULT

public static final int TOKEN_ADJUST_DEFAULT
Changes the default owner, primary group, or DACL of access token

See Also:
Constant Field Values

TOKEN_ADJUST_SESSIONID

public static final int TOKEN_ADJUST_SESSIONID
Adjusts the session ID of access token

See Also:
Constant Field Values
Constructor Detail

AccessToken

public AccessToken()
Creates a process token for the current process with ADJUST_PRIVILEGES, QUERY access.

Method Detail

openProcessToken

public static boolean openProcessToken(Handle processHandle,
                                       int desiredAcces,
                                       Handle resultToken)
Opens the access token associated with a process.

Parameters:
processHandle - - Handle to the process whose access token is opened.
desiredAcces - - Specifies an access mask that specifies the requested types of access to the access token.
resultToken - - Pointer to a handle that identifies the newly opened access token.
Returns:
true if succeeded, else returns false

getTokenInformation

public static boolean getTokenInformation(Handle tokenHandle,
                                          AccessToken.TokenInformationClass tokenInformationClass,
                                          com.jniwrapper.Parameter tokenUserPtrVoid,
                                          com.jniwrapper.UInt32 tokenInformationLength,
                                          com.jniwrapper.Pointer returnLength)
Retrieves a specified type of information about an access token

Parameters:
tokenHandle - - Handle to access token.
tokenInformationClass - - Specifies a value from the TOKEN_INFORMATION_CLASS enumerated type to identify the type of information the function retrieves.
tokenUserPtrVoid - - Pointer to a buffer the function fills with the requested information.
tokenInformationLength - - Specifies the size, in bytes, of the buffer pointed to by the TokenInformation parameter.
returnLength - - Pointer to a variable that receives the number of bytes needed for the buffer.
Returns:
true if succeeded, else returns false

enablePrivelege

public boolean enablePrivelege(java.lang.String name)
Enables the specified privilege.

Parameters:
name - name of the privilege
Returns:
true if succeeded, else returns false

getTokenGroups

public TokenGroups getTokenGroups()
Get groups from the token.

Returns:
TOKEN_GROUPS structure wrapper

checkTokenMembership

public static boolean checkTokenMembership(AccessToken accessToken,
                                           Sid sidToCheck)
Determines whether a specified security identifier (SID) is enabled in an access token.

Parameters:
accessToken - Handle to an access token. The handle must have TOKEN_QUERY access to the token. If TokenHandle is NULL, CheckTokenMembership uses the impersonation token of the calling thread. If the thread is not impersonating, the function duplicates the thread's primary token to create an impersonation token.
sidToCheck - SID structure. The CheckTokenMembership function checks for the presence of this SID in the user and group SIDs of the access token.
Returns:
if the SID is present and has the SE_GROUP_ENABLED attribute, method returns true; otherwise, it returns false.