// Figure 2 UnifiedPrincipal Public Members
/// <summary>
/// Which role store(s) a UnifiedPrincipal consults when IsInRole is called.
/// Values are the compiler defaults (0..3), spelled out here for clarity.
/// </summary>
public enum SecurityRoleModel
{
    /// <summary>Windows group membership only; the platform default, no custom principal needed.</summary>
    WindowsGroups = 0,
    /// <summary>Enterprise Services (COM+) role membership only.</summary>
    EnterpriseServices = 1,
    /// <summary>Membership in either a Windows group or a COM+ role is sufficient.</summary>
    Either = 2,
    /// <summary>Membership in both a Windows group and a COM+ role is required.</summary>
    Both = 3,
}
/// <summary>
/// Outline of the public surface of UnifiedPrincipal, an IPrincipal that can answer
/// IsInRole from Windows groups, Enterprise Services (COM+) roles, or a combination
/// chosen through SecurityRoleModel. Method bodies are elided in this figure.
/// </summary>
public class UnifiedPrincipal : IPrincipal
{
/// <summary>Selects the role model; this overload takes no application name or model.</summary>
static public void SetModel(){}
/// <summary>Selects the role model for the COM+ application named <paramref name="appName"/>.</summary>
static public void SetModel(string appName){}
/// <summary>Selects the role store(s) given by <paramref name="model"/>.</summary>
static public void SetModel(SecurityRoleModel model){}
/// <summary>Selects both the COM+ application name and the role store(s) to consult.</summary>
static public void SetModel(string appName,SecurityRoleModel model){}
//IPrincipal methods:
/// <summary>Identity on whose behalf role checks are made.</summary>
public IIdentity Identity { get; }
/// <summary>True if <paramref name="role"/> is granted under the configured SecurityRoleModel.</summary>
public bool IsInRole(string role);
/* Rest of class definition: protected methods and members */
}
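// Figure 3 The GetAppNameFromAssembly Method
/// <summary>
/// Returns the COM+ application name for <paramref name="assembly"/>: the value of its
/// ApplicationNameAttribute when one is present, otherwise the assembly's simple name.
/// </summary>
/// <param name="assembly">Assembly whose application name is wanted.</param>
/// <returns>The name used to locate the application in the COM+ catalog.</returns>
/// <exception cref="ArgumentNullException"><paramref name="assembly"/> is null.</exception>
public static string GetAppNameFromAssembly(Assembly assembly)
{
    //Fail with a clear argument error instead of a NullReferenceException
    if(assembly == null)
    {
        throw new ArgumentNullException("assembly");
    }
    Type attributeType = typeof(ApplicationNameAttribute);
    object[] attributes = assembly.GetCustomAttributes(attributeType,true);
    //One ApplicationName attribute is allowed at most
    Debug.Assert(attributes.Length == 1 || attributes.Length == 0);
    if(attributes.Length == 0)
    {
        //In the absence of ApplicationName attribute, assembly name is used
        return assembly.GetName().Name;
    }
    ApplicationNameAttribute appNameAttribute = (ApplicationNameAttribute)attributes[0];
    return appNameAttribute.Value;
}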
// Figure 4 Installing the Custom Principal
/// <summary>
/// IPrincipal that installs itself on the current thread (and, once per app domain, as the
/// principal for future threads) so that role checks go through the chosen SecurityRoleModel.
/// </summary>
public class UnifiedPrincipal : IPrincipal
{
    //COM+ application name used for Enterprise Services role lookups; starts empty
    protected string m_AppName;
    //Identity taken from the thread principal that was current at construction
    protected IIdentity m_Identity;
    //Principal that was current before this instance was installed
    protected IPrincipal m_DefaultPrincipal;
    //Role store(s) consulted by IsInRole
    protected SecurityRoleModel m_Model;

    /// <summary>
    /// Switches the app domain to Windows principals and, unless <paramref name="model"/> is
    /// <see cref="SecurityRoleModel.WindowsGroups"/>, installs this instance as the current
    /// thread's principal and as the app domain's thread principal.
    /// </summary>
    /// <param name="model">Role store(s) to consult. WindowsGroups leaves the default
    /// principal in place and leaves this instance's fields unset.</param>
    protected UnifiedPrincipal(SecurityRoleModel model)
    {
        AppDomain domain = Thread.GetDomain();
        domain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        //WindowsGroups is the platform default: nothing to install
        if(model != SecurityRoleModel.WindowsGroups)
        {
            m_Model = model;
            m_AppName = "";
            //Remember the outgoing principal and keep using its identity
            IPrincipal previous = Thread.CurrentPrincipal;
            m_DefaultPrincipal = previous;
            m_Identity = previous.Identity;
            //Install on the current thread
            Thread.CurrentPrincipal = this;
            //Also make this the principal for future threads in the app domain. The domain's
            //default principal can only be set once, so skip when a UnifiedPrincipal was
            //already in place.
            bool alreadyInstalled = previous is UnifiedPrincipal;
            if(!alreadyInstalled)
            {
                domain.SetThreadPrincipal(this);
            }
        }
    }
    /* Rest of the class definition */
}
// Figure 5 Implementing IsInRole
/// <summary>
/// Checks membership in <paramref name="role"/> according to m_Model: Windows groups and/or
/// Enterprise Services roles. A model not handled here (including WindowsGroups) fails closed:
/// it trips a debug assertion and returns false.
/// </summary>
/// <param name="role">Role (or Windows group) name to check.</param>
/// <returns>true if the identity is in the role under the configured model; false otherwise.</returns>
public bool IsInRole(string role)
{
    if(m_Model == SecurityRoleModel.Either)
    {
        //Membership in either store is enough; the COM+ lookup is skipped when the group check succeeds
        return IsInWindowsGroup(role) || IsInEnterpriseServicesRole(role);
    }
    if(m_Model == SecurityRoleModel.EnterpriseServices)
    {
        return IsInEnterpriseServicesRole(role);
    }
    if(m_Model == SecurityRoleModel.Both)
    {
        //Both stores must agree; the COM+ lookup is skipped when the group check fails
        return IsInWindowsGroup(role) && IsInEnterpriseServicesRole(role);
    }
    //Unexpected model: deny rather than guess
    Debug.Assert(false);
    return false;
}
Figure 7 Implementing IsInEnterpriseServicesRole using COMAdmin;
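/// <summary>
/// Principal whose Enterprise Services role checks are resolved by walking the COM+ catalog:
/// application -> role -> users in role.
/// </summary>
public class UnifiedPrincipal : IPrincipal
{
    //COM+ application whose roles are consulted
    protected string m_AppName;
    //Identity whose Name is matched against the members of a role
    protected IIdentity m_Identity;
    //Role store(s) consulted by IsInRole
    protected SecurityRoleModel m_Model;

    /// <summary>
    /// Checks whether the current identity is a member of the COM+ role <paramref name="role"/>
    /// in the application named by m_AppName, either directly or through a Windows group that
    /// is listed as a member of the role.
    /// </summary>
    /// <param name="role">COM+ role name to check.</param>
    /// <returns>true if the identity is in the role; false otherwise, including when the
    /// application or the role is not found in the catalog (fail closed).</returns>
    protected bool IsInEnterpriseServicesRole(string role)
    {
        string userName = m_Identity.Name;
        ICOMAdminCatalog catalog = (ICOMAdminCatalog)new COMAdminCatalog();
        ICatalogCollection applicationCollection =
            (ICatalogCollection)catalog.GetCollection("Applications");
        //Read the information from the catalog
        applicationCollection.Populate();
        //Find application by name
        ICatalogObject application = null;
        int applicationCount = applicationCollection.Count;
        for(int appIndex = 0; appIndex < applicationCount; appIndex++)
        {
            ICatalogObject candidate = (ICatalogObject)applicationCollection.get_Item(appIndex);
            if(candidate.Name.ToString() == m_AppName)
            {
                application = candidate;
                break;
            }
        }
        if(application == null)
        {
            //No application with that name, or an empty catalog. Without this guard the
            //search would fall through with the last application examined (or null), so
            //roles of an unrelated application could be consulted. Deny instead.
            return false;
        }
        object appKey = application.Key;
        //Get Roles collection
        ICatalogCollection roleCollection =
            (ICatalogCollection)applicationCollection.GetCollection("Roles",appKey);
        roleCollection.Populate();
        bool inRole = false;
        int roleIndex = 0;
        while(!inRole && roleIndex < roleCollection.Count)
        {
            //Get individual role
            ICatalogObject roleObj = (ICatalogObject)roleCollection.get_Item(roleIndex);
            roleIndex++;
            //NOTE(review): string == is an ordinal, case-sensitive comparison; confirm
            //that catalog names and m_Identity.Name agree in case.
            if(roleObj.Name.ToString() != role)
            {
                continue;
            }
            //Role name match. get users collection, and check each user
            object roleKey = roleObj.Key;
            ICatalogCollection userCollection =
                (ICatalogCollection)roleCollection.GetCollection("UsersInRole",roleKey);
            userCollection.Populate();
            int userIndex = 0;
            while(!inRole && userIndex < userCollection.Count)
            {
                //Get individual user object
                ICatalogObject user = (ICatalogObject)userCollection.get_Item(userIndex);
                string memberName = user.Name.ToString();
                //Direct membership: the member is the identity itself
                if(userName == memberName)
                {
                    inRole = true;
                    break;
                }
                //User in a role can actually be a user group. Check membership
                //by using generic principal, that considers user group as "role"
                inRole = IsInWindowsGroup(memberName);
                userIndex++;
            }
        }
        return inRole;
    }
    /* Rest of the class definition */
}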