Represents the security context for a message in a queue.
Assembly: System.Messaging (in System.Messaging.dll)
Thetype exposes the following members.
|Dispose||Releases all resources used by the .|
|Equals(Object)||Determines whether the specified Object is equal to the current Object. (Inherited from Object.)|
|Finalize||Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)|
|GetHashCode||Serves as a hash function for a particular type. (Inherited from Object.)|
|GetType||Gets the Type of the current instance. (Inherited from Object.)|
|MemberwiseClone||Creates a shallow copy of the current Object. (Inherited from Object.)|
|ToString||Returns a string that represents the current object. (Inherited from Object.)|
The security context contains cached security information such as an internal certificate, the corresponding private key, the user's SID, needed to attach a certificate and the sender identifier to a message when requesting authentication.
If a client, such as an ASP.NET application, impersonates a user to send a message to a queue, the identity of the user is used to access the queue. If the queue is remote, these credentials are cached and used for messages that are subsequently sent to the queue. Therefore, the SID in subsequent messages will be the cached identity of the first user that sent a message to the queue. The cached identity of the first user that sent a message to the queue will be used for subsequent users.
To overcome this problem, set the security context using SecurityContext before sending a message to a remote queue to ensure that the current user's credentials are used to gain access to the queue. However, the suggested best practice is to:
Make the queue an authenticated queue.
Run the ASP.NET application as a domain identity and authorize that application to write to the queue.
Do not impersonate the user when using the queue. Instead, get the caller’s identity and either perform authorization checking in the ASP.NET application or include the caller’s identity as part of the message and perform authorization checking in the receiver application.
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.