EndpointIdentity::CreateUpnIdentity Method (String^)
Creates a user principal name (UPN) identity with a specified name.
Assembly: System.ServiceModel (in System.ServiceModel.dll)
Parameters
- upnName
-
Type:
System::String^
The name for the UPN identity.
Return Value
Type: System.ServiceModel::EndpointIdentity^A UPN EndpointIdentity associated with the specified upnName.
| Exception | Condition |
|---|---|
| ArgumentNullException | upnName is null. |
A secure WCF client that connects to an endpoint with this identity uses the UPN when performing SSPI authentication with the endpoint.
This static method creates an instance of UpnEndpointIdentity by calling its constructor, UpnEndpointIdentity, using upnName as the input parameter.
If upnName is specified with an empty string, authentication falls back from Kerberos to NTLM if possible. If AllowNtlm is false, WCF makes a best-effort to throw an exception if NTLM is used. Note that setting this property to false may not prevent NTLM credentials from being sent over the wire.
The following code shows how to call this method.
namespace TestPrincipalPermission { class PrincipalPermissionModeWindows { [ServiceContract] interface ISecureService { [OperationContract] string Method1(); } class SecureService : ISecureService { [PrincipalPermission(SecurityAction.Demand, Role = "everyone")] public string Method1() { return String.Format("Hello, \"{0}\"", Thread.CurrentPrincipal.Identity.Name); } } public void Run() { Uri serviceUri = new Uri(@"http://localhost:8006/Service"); ServiceHost service = new ServiceHost(typeof(SecureService)); service.AddServiceEndpoint(typeof(ISecureService), GetBinding(), serviceUri); service.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.UseAspNetRoles; service.Open(); EndpointAddress sr = new EndpointAddress( serviceUri, EndpointIdentity.CreateUpnIdentity(WindowsIdentity.GetCurrent().Name)); ChannelFactory<ISecureService> cf = new ChannelFactory<ISecureService>(GetBinding(), sr); ISecureService client = cf.CreateChannel(); Console.WriteLine("Client received response from Method1: {0}", client.Method1()); ((IChannel)client).Close(); Console.ReadLine(); service.Close(); } public static Binding GetBinding() { WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message); binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows; return binding; } } }
Available since 3.0