[英]WCF, entity framework and impersonation
I'm developing a WCF service who use windows authentication to validate client credentials. 我正在开发使用Windows身份验证来验证客户端凭据的WCF服务。
Using this binding it works pretty fine 使用此绑定可以正常工作
<basicHttpBinding>
<binding>
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
With the following service method : 使用以下服务方法:
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class PricesSynchro : IPricesSynchro
{
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
public string Hello()
{
return "Hello " + OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Name;
}
But now I would use entity framework with trusted connection using these credentials and it doesn't work. 但是现在我将使用这些凭据将实体框架与受信任的连接一起使用,并且它不起作用。 I tried to impersonate using the following code :
我尝试使用以下代码模拟:
using(OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Impersonate())
{
}
Where did I fail ? 我在哪里失败了? I'm banging my head on the wall since 8 hours... Thanks by advance.
自从8个小时以来,我一直在敲墙。
Your process is probably not authorized to delegate its impersonation to another server. 您的进程可能无权将其模拟委派给另一台服务器。 As documented here :
作为记录在这里 :
When the impersonation level is Impersonation, the front-end and back-end services must be running on the same machine.
当模拟级别为模拟时,前端和后端服务必须在同一台计算机上运行。 When the impersonation level is Delegation, the front-end and back-end services can be on separate machines or on the same machine.
当模拟级别为“委派”时,前端和后端服务可以位于单独的计算机上,也可以位于同一台计算机上。 Enabling delegation-level impersonation requires that Windows domain policy be configured to permit delegation.
启用委派级模拟需要将Windows域策略配置为允许委派。
Most likely your admins do not have the Delegation domain policy turned on. 您的管理员很可能没有启用“委派”域策略。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.