com.jniwrapper.win32.security

Class AccessToken

java.lang.Object

com.jniwrapper.Parameter

com.jniwrapper.Pointer.Void

com.jniwrapper.win32.Handle

com.jniwrapper.win32.security.AccessToken

All Implemented Interfaces:

com.jniwrapper.IntegerParameter, com.jniwrapper.PointerParameter

public class AccessToken
extends Handle

This class helps to retrieve information about access tokens, containing the security information for a logon session. The token identifies the user, the user's groups, and the user's privileges.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AccessToken.TokenInformationClass This class is the wrapper for the TOKEN_INFORMATION_CLASS enumeration, which contains values that specify the type of information being assigned to or retrieved from the AccessToken class.

Field Summary

Fields

Modifier and Type	Field and Description
static int	TOKEN_ADJUST_DEFAULT Changes the default owner, primary group, or DACL of access token
static int	TOKEN_ADJUST_GROUPS Adjusts the attributes of the groups in access token
static int	TOKEN_ADJUST_PRIVILEGES Enables or disables the privileges in access token
static int	TOKEN_ADJUST_SESSIONID Adjusts the session ID of access token
static int	TOKEN_ASSIGN_PRIMARY Attaches a primary token to a process.
static int	TOKEN_DUPLICATE Duplicates access token.
static int	TOKEN_IMPERSONATE Attaches impersonation access token to a process
static int	TOKEN_QUERY Queries access token
static int	TOKEN_QUERY_SOURCE Queries the source of access token

Fields inherited from class com.jniwrapper.win32.Handle

INFINITE_TIMEOUT, INVALID_HANDLE_VALUE, STATUS_ABANDONED_WAIT_0, STATUS_TIMEOUT, STATUS_WAIT_0

Fields inherited from class com.jniwrapper.Parameter

LICENSE_TYPE, V

Constructor Summary

Constructors

Constructor and Description
AccessToken() Creates a process token for the current process with ADJUST_PRIVILEGES, QUERY access.

Method Summary

Modifier and Type	Method and Description
static boolean	checkTokenMembership(AccessToken accessToken, Sid sidToCheck) Determines whether a specified security identifier (SID) is enabled in an access token.
boolean	enablePrivelege(java.lang.String name) Enables the specified privilege.
TokenGroups	getTokenGroups() Get groups from the token.
static boolean	getTokenInformation(Handle tokenHandle, AccessToken.TokenInformationClass tokenInformationClass, com.jniwrapper.Parameter tokenUserPtrVoid, com.jniwrapper.UInt32 tokenInformationLength, com.jniwrapper.Pointer returnLength) Retrieves a specified type of information about an access token
static boolean	openProcessToken(Handle processHandle, int desiredAcces, Handle resultToken) Opens the access token associated with a process.

Methods inherited from class com.jniwrapper.win32.Handle

clone, closeHandle, equals, waitFor, waitFor

Methods inherited from class com.jniwrapper.Pointer.Void

asFunction, asFunction, asTypedPointer, castTo, castTo, getDebugInfo, getLength, getValue, hashCode, isNull, read, setValue, toString, write

Methods inherited from class com.jniwrapper.Parameter

acceptIOPerformer, asReturnValue, dataBufferAssigned, getAlignedLength, getAlignmentRequirement, getDataBuffer, getDataBufferOffset, indent, pop, push, read, read, setDataBuffer, toByteArray, write

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

TOKEN_ASSIGN_PRIMARY

public static final int TOKEN_ASSIGN_PRIMARY

Attaches a primary token to a process.

See Also:

Constant Field Values

TOKEN_DUPLICATE

public static final int TOKEN_DUPLICATE

Duplicates access token.

See Also:

Constant Field Values

TOKEN_IMPERSONATE

public static final int TOKEN_IMPERSONATE

Attaches impersonation access token to a process

See Also:

Constant Field Values

TOKEN_QUERY

public static final int TOKEN_QUERY

Queries access token

See Also:

Constant Field Values

TOKEN_QUERY_SOURCE

public static final int TOKEN_QUERY_SOURCE

Queries the source of access token

See Also:

Constant Field Values

TOKEN_ADJUST_PRIVILEGES

public static final int TOKEN_ADJUST_PRIVILEGES

Enables or disables the privileges in access token

See Also:

Constant Field Values

TOKEN_ADJUST_GROUPS

public static final int TOKEN_ADJUST_GROUPS

Adjusts the attributes of the groups in access token

See Also:

Constant Field Values

TOKEN_ADJUST_DEFAULT

public static final int TOKEN_ADJUST_DEFAULT

Changes the default owner, primary group, or DACL of access token

See Also:

Constant Field Values

TOKEN_ADJUST_SESSIONID

public static final int TOKEN_ADJUST_SESSIONID

Adjusts the session ID of access token

See Also:

Constant Field Values

Constructor Detail

AccessToken

public AccessToken()

Creates a process token for the current process with ADJUST_PRIVILEGES, QUERY access.

Method Detail

openProcessToken

public static boolean openProcessToken(Handle processHandle,
                                       int desiredAcces,
                                       Handle resultToken)

Opens the access token associated with a process.

Parameters:

processHandle - - Handle to the process whose access token is opened.

desiredAcces - - Specifies an access mask that specifies the requested types of access to the access token.

resultToken - - Pointer to a handle that identifies the newly opened access token.

Returns:

true if succeeded, else returns false

getTokenInformation

public static boolean getTokenInformation(Handle tokenHandle,
                                          AccessToken.TokenInformationClass tokenInformationClass,
                                          com.jniwrapper.Parameter tokenUserPtrVoid,
                                          com.jniwrapper.UInt32 tokenInformationLength,
                                          com.jniwrapper.Pointer returnLength)

Retrieves a specified type of information about an access token

Parameters:

tokenHandle - - Handle to access token.

tokenInformationClass - - Specifies a value from the TOKEN_INFORMATION_CLASS enumerated type to identify the type of information the function retrieves.

tokenUserPtrVoid - - Pointer to a buffer the function fills with the requested information.

tokenInformationLength - - Specifies the size, in bytes, of the buffer pointed to by the TokenInformation parameter.

returnLength - - Pointer to a variable that receives the number of bytes needed for the buffer.

Returns:

true if succeeded, else returns false

enablePrivelege

public boolean enablePrivelege(java.lang.String name)

Enables the specified privilege.

Parameters:

name - name of the privilege

Returns:

true if succeeded, else returns false

getTokenGroups

public TokenGroups getTokenGroups()

Get groups from the token.

Returns:

TOKEN_GROUPS structure wrapper

checkTokenMembership

public static boolean checkTokenMembership(AccessToken accessToken,
                                           Sid sidToCheck)

Determines whether a specified security identifier (SID) is enabled in an access token.

Parameters:

accessToken - Handle to an access token. The handle must have TOKEN_QUERY access to the token. If TokenHandle is NULL, CheckTokenMembership uses the impersonation token of the calling thread. If the thread is not impersonating, the function duplicates the thread's primary token to create an impersonation token.

sidToCheck - SID structure. The CheckTokenMembership function checks for the presence of this SID in the user and group SIDs of the access token.

Returns:

if the SID is present and has the SE_GROUP_ENABLED attribute, method returns true; otherwise, it returns false.