WindowsClientCredential.AllowedImpersonationLevel 属性
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
获取或设置允许的模拟级别。
public:
property System::Security::Principal::TokenImpersonationLevel AllowedImpersonationLevel { System::Security::Principal::TokenImpersonationLevel get(); void set(System::Security::Principal::TokenImpersonationLevel value); };public System.Security.Principal.TokenImpersonationLevel AllowedImpersonationLevel { get; set; }member this.AllowedImpersonationLevel : System.Security.Principal.TokenImpersonationLevel with get, setPublic Property AllowedImpersonationLevel As TokenImpersonationLevel属性值
示例
下面的示例演示如何设置此属性。
// Create a service host.
EndpointAddress ea = new EndpointAddress("http://localhost/Calculator");
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
// Create a client. The code is not shown here. See the WCF samples
// for an example of the CalculatorClient code.
CalculatorClient cc = new CalculatorClient(b, ea);
// Get a reference to the Windows client credential object.
WindowsClientCredential winCred= cc.ClientCredentials.Windows;
Console.WriteLine("AllowedImpersonationLevel: {0}",
winCred.AllowedImpersonationLevel);
Console.WriteLine("AllowNtlm: {0}", winCred.AllowNtlm);
Console.WriteLine("Domain: {0}", winCred.ClientCredential.Domain);
Console.ReadLine();
// Change the AllowedImpersonationLevel.
winCred.AllowedImpersonationLevel =
System.Security.Principal.TokenImpersonationLevel.Impersonation;
Console.WriteLine("Changed AllowedImpersonationLevel: {0}",
winCred.AllowedImpersonationLevel);
Console.ReadLine();
// Open the calculator and use it.
//cc.Open();
//Console.WriteLine(cc.Add(11, 11));
//// Close the client.
//cc.Close();
' Create a service host.
Dim ea As New EndpointAddress("http://localhost/Calculator")
Dim b As New WSHttpBinding(SecurityMode.Message)
b.Security.Message.ClientCredentialType = _
MessageCredentialType.Windows
' Create a client. The code is not shown here. See the WCF samples
' for an example of the CalculatorClient code.
Dim cc As New CalculatorClient(b, ea)
' Get a reference to the Windows client credential object.
Dim winCred As WindowsClientCredential = cc.ClientCredentials.Windows
Console.WriteLine("AllowedImpersonationLevel: {0}", _
winCred.AllowedImpersonationLevel)
Console.WriteLine("AllowNtlm: {0}", winCred.AllowNtlm)
Console.WriteLine("Domain: {0}", winCred.ClientCredential.Domain)
Console.ReadLine()
' Change the AllowedImpersonationLevel.
winCred.AllowedImpersonationLevel = _
System.Security.Principal.TokenImpersonationLevel.Impersonation
Console.WriteLine("Changed AllowedImpersonationLevel: {0}", _
winCred.AllowedImpersonationLevel)
Console.ReadLine()
' Open the calculator and use it.
' cc.Open()
' Console.WriteLine(cc.Add(11, 11))
' Close the client.
' cc.Close()
注解
此属性指定使用 Windows SSPI 协商身份验证时客户端授予服务器的模拟级别。 请注意,服务器在模拟客户端令牌时所获取的模拟级别不仅仅是此设置的功能。 它还是服务运行时所使用的帐户的相关特权和域设置的功能。
客户端必须使用此属性,明确地设置允许的模拟级别。
如果客户端指定匿名模拟,即使服务上不执行模拟,客户端也总是匿名向服务进行身份验证。 这是由于基础 Windows 操作系统的行为所致。
有关Windows模拟的详细信息,请转到模拟和还原。 有关使用 Windows Communication Foundation 模拟的详细信息,请参阅委派和模拟。