I am wondering if there is a way to check user permissions on ACLs in C #. I am creating a large system that will use the active directory for authentication, and I would like to use as much plumbing as possible to protect the windows. After spending the last couple of hours looking at System.Security.AccessControl, I'm not sure if it provides an easy way to check users token against its ACL. It seems like it is much more focused on manipulating Windows security descriptors, although abstract classes are enough to implement the user system.
I am looking at Authz APIs that seem much more flexible and have a function (AuthzAccessCheck) that allows me to check the context for a security descriptor. I do not mind wrapping them if I need to.
Has anyone had a similar problem, and if so, what were the pros and cons that you saw?
security c # windows acl
Steve severance
source share