Compartir a través de


OperationBehaviorAttribute.Impersonation Propiedad

Definición

Obtiene o establece un valor que indica el nivel de suplantación del autor de la llamada que admite la operación.

public:
 property System::ServiceModel::ImpersonationOption Impersonation { System::ServiceModel::ImpersonationOption get(); void set(System::ServiceModel::ImpersonationOption value); };
public System.ServiceModel.ImpersonationOption Impersonation { get; set; }
member this.Impersonation : System.ServiceModel.ImpersonationOption with get, set
Public Property Impersonation As ImpersonationOption

Valor de propiedad

Uno de los valores de ImpersonationOption. De manera predeterminada, es NotAllowed.

Ejemplos

El siguiente ejemplo de código del servicio requiere la suplantación estableciendo la propiedad Impersonation en Required.

using System;
using System.Collections.Generic;
using System.ServiceModel;
using System.Threading;

namespace Microsoft.WCF.Documentation
{
  [ServiceContract(
    Name="SampleHello",
    Namespace="http://microsoft.wcf.documentation"
  )]
  public interface IHello
  {
    [OperationContract]
    string Hello(string greeting);
  }

  public class HelloService : IHello
  {

    public HelloService()
    {
      Console.WriteLine("Service object created: " + this.GetHashCode().ToString());
    }

    ~HelloService()
    {
      Console.WriteLine("Service object destroyed: " + this.GetHashCode().ToString());
    }

    [OperationBehavior(Impersonation=ImpersonationOption.Required)]
    public string Hello(string greeting)
    {
      Console.WriteLine("Called by: " + Thread.CurrentPrincipal.Identity.Name);
      Console.WriteLine("IsAuthenticated: " + Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString());
      Console.WriteLine("AuthenticationType: " + Thread.CurrentPrincipal.Identity.AuthenticationType.ToString());

      Console.WriteLine("Caller sent: " + greeting);
      Console.WriteLine("Sending back: Hi, " + Thread.CurrentPrincipal.Identity.Name);
      return "Hi, " + Thread.CurrentPrincipal.Identity.Name;
    }
  }
}
Imports System.ServiceModel
Imports System.Threading

Namespace Microsoft.WCF.Documentation
  <ServiceContract(Name:="SampleHello", Namespace:="http://microsoft.wcf.documentation")> _
  Public Interface IHello
    <OperationContract> _
    Function Hello(ByVal greeting As String) As String
  End Interface

  Public Class HelloService
      Implements IHello

    Public Sub New()
      Console.WriteLine("Service object created: " & Me.GetHashCode().ToString())
    End Sub

    Protected Overrides Sub Finalize()
      Console.WriteLine("Service object destroyed: " & Me.GetHashCode().ToString())
    End Sub

    <OperationBehavior(Impersonation:=ImpersonationOption.Required)> _
    Public Function Hello(ByVal greeting As String) As String Implements IHello.Hello
      Console.WriteLine("Called by: " & Thread.CurrentPrincipal.Identity.Name)
      Console.WriteLine("IsAuthenticated: " & Thread.CurrentPrincipal.Identity.IsAuthenticated.ToString())
      Console.WriteLine("AuthenticationType: " & Thread.CurrentPrincipal.Identity.AuthenticationType.ToString())

      Console.WriteLine("Caller sent: " & greeting)
      Console.WriteLine("Sending back: Hi, " & Thread.CurrentPrincipal.Identity.Name)
      Return "Hi, " & Thread.CurrentPrincipal.Identity.Name
    End Function
  End Class
End Namespace

El ejemplo de código siguiente muestra cómo utilizar la propiedad ClientCredentials para establecer las credenciales de la aplicación de cliente antes de invocar la operación que requiere esas credenciales para la suplantación.

using System;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Security.Principal;
using System.Threading;

namespace Microsoft.WCF.Documentation
{
  public class Client
  {
    public void Run()
    {
      // Picks up configuration from the config file.
      SampleHelloClient wcfClient = new SampleHelloClient();
      try
      {
        // Set the client credentials to permit impersonation. You can do this programmatically or in the configuration file.
        wcfClient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;

        // Make calls using the proxy.
        Console.ForegroundColor = ConsoleColor.White;
        Console.WriteLine("Enter a greeting to send and press ENTER: ");
        Console.Write(">>> ");
        Console.ForegroundColor = ConsoleColor.Green;
        string greeting = Console.ReadLine();
        Console.ForegroundColor = ConsoleColor.White;
        Console.WriteLine("Called service with: \r\n\t" + greeting);
        Console.WriteLine("Service returned: " + wcfClient.Hello(greeting));
        Console.ForegroundColor = ConsoleColor.Blue;
        Console.Write("Press ");
        Console.ForegroundColor = ConsoleColor.Red;
        Console.Write("ENTER");
        Console.ForegroundColor = ConsoleColor.Blue;
        Console.Write(" to exit...");
        Console.ReadLine();
        wcfClient.Close();
      }
      catch (TimeoutException timeProblem)
      {
        Console.WriteLine("The service operation timed out. " + timeProblem.Message);
        wcfClient.Abort();
        Console.Read();
      }
      catch (CommunicationException commProblem)
      {
        Console.WriteLine("There was a communication problem. " + commProblem.Message);
        wcfClient.Abort();
        Console.Read();
      }
    }
    public static void Main()
    {
      Client client = new Client();
      client.Run();
    }
  }
}
Imports System.ServiceModel
Imports System.ServiceModel.Channels
Imports System.Security.Principal
Imports System.Threading

Namespace Microsoft.WCF.Documentation
  Public Class Client
    Public Sub Run()
      ' Picks up configuration from the config file.
      Dim wcfClient As New SampleHelloClient()
      Try
        ' Set the client credentials to permit impersonation. You can do this programmatically or in the configuration file.
        wcfClient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation

        ' Make calls using the proxy.
        Console.ForegroundColor = ConsoleColor.White
        Console.WriteLine("Enter a greeting to send and press ENTER: ")
        Console.Write(">>> ")
        Console.ForegroundColor = ConsoleColor.Green
                Dim greeting = Console.ReadLine()
        Console.ForegroundColor = ConsoleColor.White
        Console.WriteLine("Called service with: " & vbCrLf & vbTab & greeting)
        Console.WriteLine("Service returned: " & wcfClient.Hello(greeting))
        Console.ForegroundColor = ConsoleColor.Blue
        Console.Write("Press ")
        Console.ForegroundColor = ConsoleColor.Red
        Console.Write("ENTER")
        Console.ForegroundColor = ConsoleColor.Blue
        Console.Write(" to exit...")
        Console.ReadLine()
        wcfClient.Close()
      Catch timeProblem As TimeoutException
        Console.WriteLine("The service operation timed out. " & timeProblem.Message)
        wcfClient.Abort()
        Console.Read()
      Catch commProblem As CommunicationException
        Console.WriteLine("There was a communication problem. " & commProblem.Message)
        wcfClient.Abort()
        Console.Read()
      End Try
    End Sub
    Public Shared Sub Main()
      Dim client As New Client()
      client.Run()
    End Sub
  End Class
End Namespace

Comentarios

Utilice la propiedad Impersonation (junto con una configuración de enlace que admita la suplantación) para permitir que los métodos especificados (los marcados con la propiedad Impersonation establecida en Allowed o Required) se ejecuten bajo la identidad del autor de la llamada. Para obtener más información, incluida la forma en que se realiza la suplantación al usar Allowed junto con la ServiceAuthorizationBehavior.ImpersonateCallerForAllOperations propiedad , vea Delegación y suplantación y Cómo: Suplantar a un cliente en un servicio.

Nota

Cuando se agrega mediante programación un punto de conexión de servicio que realiza la suplantación, debe utilizarse uno de los métodos AddServiceEndpoint, o el método ContractDescription.GetContract para cargar correctamente el contrato en un nuevo objeto System.ServiceModel.Description.ServiceDescription. Para utilizar un archivo de configuración no se requiere ningún paso adicional.

Puede haber escenarios concretos cuando no se admite la suplantación. Para más información, consulte Escenarios no admitidos.

Se aplica a