WindowsServiceCredential.IncludeWindowsGroups Property

 

Gets or sets a value that indicates whether the Windows groups that a client belongs to are included in the security context.

Namespace:   System.ServiceModel.Security
Assembly:  System.ServiceModel (in System.ServiceModel.dll)

public bool IncludeWindowsGroups { get; set; }

Property Value

Type: System.Boolean

true if Windows groups are included in the security context; otherwise, false. The default is true.

In most scenarios, knowing which Windows groups users belong to provides useful information for authorization decisions. However, if the Windows groups are not required, setting this property to false can improve performance by avoiding a full-group claim population.

The following code shows how to get this property.

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a WindowsServiceCredential.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

// Add an endpoint.
sh.AddServiceEndpoint(typeof(ICalculator), b, "WindowsCalculator");

// Get a reference to the WindowsServiceCredential object.
WindowsServiceCredential winCredential =
    sh.Credentials.WindowsAuthentication;
// Print out values.
Console.WriteLine("IncludeWindowsGroup: {0}",
    winCredential.IncludeWindowsGroups);
Console.WriteLine("UserNamePasswordValidationMode: {0}",
    winCredential.AllowAnonymousLogons);

Console.ReadLine();

.NET Framework
Available since 3.0
Return to top
Show: