<alwaysFlowImpersonationPolicy > 元素<alwaysFlowImpersonationPolicy> Element

指定 Windows 标识始终流经异步点,而不考虑执行模拟的方式。Specifies that the Windows identity always flows across asynchronous points, regardless of how impersonation was performed.

<configuration><configuration>
<运行时 ><runtime>
<alwaysFlowImpersonationPolicy><alwaysFlowImpersonationPolicy>

语法Syntax

<alwaysFlowImpersonationPolicy    
  enabled="true|false"/>  

特性和元素Attributes and Elements

下列各节描述了特性、子元素和父元素。The following sections describe attributes, child elements, and parent elements.

特性Attributes

特性Attribute 描述Description
enabled 必需的特性。Required attribute.

指示是否跨异步点流动的 Windows 标识。Indicates whether the Windows identity flows across asynchronous points.

enabled 特性enabled Attribute

“值”Value 描述Description
false 标识不流经异步点,除非通过执行模拟 Windows 等管理方法ImpersonateThe Windows identity does not flow across asynchronous points, unless the impersonation is performed through managed methods such as Impersonate. 这是默认设置。This is the default.
true Windows 标识始终流经异步点,而不考虑执行模拟的方式。The Windows identity always flows across asynchronous points, regardless of how impersonation was performed.

子元素Child Elements

无。None.

父元素Parent Elements

元素Element 描述Description
configuration 公共语言运行时和 .NET Framework 应用程序所使用的每个配置文件中的根元素。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有关程序集绑定和垃圾回收的信息。Contains information about assembly binding and garbage collection.

备注Remarks

在.NET framework 1.0 和 1.1 中,Windows 标识不流经异步点。In the .NET Framework versions 1.0 and 1.1, the Windows identity does not flow across asynchronous points. 在.NET Framework 2.0 版中,没有ExecutionContext对象,包含有关当前执行线程的信息并跨应用程序域中的异步点流动。In the .NET Framework version 2.0, there is an ExecutionContext object that contains information about the currently executing thread, and flows it across asynchronous points within an application domain. WindowsIdentity流经异步点,模拟已实现使用提供的信息的一部分的流等管理方法还Impersonate并不是通过其他方式如平台调用到本机方法。The WindowsIdentity also flows as part of the information that flows across the asynchronous points, provided the impersonation was achieved using managed methods such as Impersonate and not through other means such as platform invoke to native methods. 此元素用于指定的 Windows 标识总要流经异步点,而不考虑模拟已实现。This element is used to specify that the Windows identity does flow across asynchronous points, regardless of how the impersonation was achieved.

您可以更改此默认行为中两种方法:You can alter this default behavior in two other ways:

  1. 在每个线程进行的托管代码。In managed code on a per-thread basis.

    可以通过修改禁止显示上每个线程进行的流ExecutionContextSecurityContext通过使用设置ExecutionContext.SuppressFlowSecurityContext.SuppressFlowWindowsIdentity,或SecurityContext.SuppressFlow方法。You can suppress the flow on a per-thread basis by modifying the ExecutionContext and SecurityContext settings by using the ExecutionContext.SuppressFlow, SecurityContext.SuppressFlowWindowsIdentity, or SecurityContext.SuppressFlow method.

  2. 在对非托管承载接口来加载公共语言运行时 (CLR) 的调用。In the call to the unmanaged hosting interface to load the common language runtime (CLR).

    如果使用非托管承载接口 (而不是一个简单托管可执行文件) 用于将 CLR 加载,则可以对的调用中指定特殊标志CorBindToRuntimeEx 函数函数。If an unmanaged hosting interface (instead of a simple managed executable) is used to load the CLR, you can specify a special flag in the call to the CorBindToRuntimeEx Function function. 若要启用的整个过程的兼容性模式,设置flags参数CorBindToRuntimeEx 函数STARTUP_ALWAYSFLOW_IMPERSONATIONTo enable the compatibility mode for the entire process, set the flags parameter for CorBindToRuntimeEx Function to STARTUP_ALWAYSFLOW_IMPERSONATION.

配置文件Configuration File

在.NET Framework 应用程序中,可以仅在应用程序配置文件中使用此元素。In a .NET Framework application, this element can be used only in the application configuration file.

在中找到的 aspnet.config 文件中可以为 ASP.NET 应用程序中,配置模拟流<Windows 文件夹 > \Microsoft.NET\Framework\vx.x.xxxx 目录。For an ASP.NET application, the impersonation flow can be configured in the aspnet.config file found in the <Windows Folder>\Microsoft.NET\Framework\vx.x.xxxx directory.

默认情况下 ASP.NET 通过使用以下配置设置可以禁用 aspnet.config 文件中的模拟流:ASP.NET by default disables the impersonation flow in the aspnet.config file by using the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
      <alwaysFlowImpersonationPolicy enabled="false"/>  
   </runtime>  
</configuration>  

在 ASP.NET 中,如果你想要允许的模拟流相反,您必须显式使用以下配置设置:In ASP.NET, if you want to allow the flow of impersonation instead, you must explicitly use the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="false"/>  
      <alwaysFlowImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

示例Example

下面的示例演示如何指定 Windows 标识流经异步点,,即使模拟实现通过非托管方法。The following example shows how to specify that the Windows identity flows across asynchronous points, even when the impersonation is achieved through means other than managed methods.

<configuration>  
  <runtime>  
    <alwaysFlowImpersonationPolicy enabled="true"/>  
  </runtime>  
</configuration>  

请参阅See also