<legacyImpersonationPolicy > 元素<legacyImpersonationPolicy> Element

指定 Windows 标识不流经异步点,而不考虑当前线程上执行上下文的流设置。Specifies that the Windows identity does not flow across asynchronous points, regardless of the flow settings for the execution context on the current thread.

<configuration><configuration>
<运行时 ><runtime>
<legacyImpersonationPolicy><legacyImpersonationPolicy>

语法Syntax

<legacyImpersonationPolicy    
   enabled="true|false"/>  

特性和元素Attributes and Elements

下列各节描述了特性、子元素和父元素。The following sections describe attributes, child elements, and parent elements.

特性Attributes

特性Attribute 描述Description
enabled 必需的特性。Required attribute.

指定的WindowsIdentity不流经异步点,而不考虑ExecutionContext流当前线程上的设置。Specifies that the WindowsIdentity does not flow across asynchronous points, regardless of the ExecutionContext flow settings on the current thread.

enabled 特性enabled Attribute

“值”Value 描述Description
false WindowsIdentity 流经异步点,具体取决于ExecutionContext流当前线程的设置。WindowsIdentity flows across asynchronous points depending upon the ExecutionContext flow settings for the current thread. 这是默认设置。This is the default.
true WindowsIdentity 不流经异步点,而不考虑ExecutionContext流当前线程上的设置。WindowsIdentity does not flow across asynchronous points, regardless of the ExecutionContext flow settings on the current thread.

子元素Child Elements

无。None.

父元素Parent Elements

元素Element 描述Description
configuration 公共语言运行时和 .NET Framework 应用程序所使用的每个配置文件中的根元素。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有关程序集绑定和垃圾回收的信息。Contains information about assembly binding and garbage collection.

备注Remarks

在.NET framework 1.0 和 1.1,WindowsIdentity不会跨任何用户定义的异步点流动。In the .NET Framework versions 1.0 and 1.1, the WindowsIdentity does not flow across any user-defined asynchronous points. 从.NET Framework 2.0 版开始,没有ExecutionContext跨异步点在一个应用程序域中的流对象,其中包含有关当前正在执行的线程,和它的信息。Starting with the .NET Framework version 2.0, there is an ExecutionContext object that contains information about the currently executing thread, and it flows across asynchronous points within an application domain. WindowsIdentity包含在此执行上下文中,因此还流经异步点,这意味着,如果存在的模拟上下文,它会流动。The WindowsIdentity is included in this execution context and therefore also flows across the asynchronous points, which means that if an impersonation context exists, it will flow as well.

从.NET Framework 2.0 开始,你可以使用<legacyImpersonationPolicy>元素来指定:WindowsIdentity不流经异步点。Starting with the .NET Framework 2.0, you can use the <legacyImpersonationPolicy> element to specify that WindowsIdentity does not flow across asynchronous points.

备注

公共语言运行时 (CLR) 可的模拟使用托管的代码,不是模拟平台通过如执行托管代码的外部执行的操作调用到非托管代码或通过直接调用 Win32 函数察觉。The common language runtime (CLR) is aware of impersonation operations performed using only managed code, not of impersonation performed outside of managed code, such as through platform invoke to unmanaged code or through direct calls to Win32 functions. 仅托管WindowsIdentity对象可以流经异步点,除非alwaysFlowImpersonationPolicy元素设置为 true (<alwaysFlowImpersonationPolicy enabled="true"/>)。Only managed WindowsIdentity objects can flow across asynchronous points, unless the alwaysFlowImpersonationPolicy element has been set to true (<alwaysFlowImpersonationPolicy enabled="true"/>). 设置alwaysFlowImpersonationPolicy为 true 的元素指定的 Windows 标识始终流经异步点,而不考虑执行模拟的方式。Setting the alwaysFlowImpersonationPolicy element to true specifies that the Windows identity always flows across asynchronous points, regardless of how impersonation was performed. 有关详细信息流动非托管模拟流经异步点,请参阅 <alwaysFlowImpersonationPolicy > 元素For more information on flowing unmanaged impersonation across asynchronous points, see <alwaysFlowImpersonationPolicy> Element.

您可以更改此默认行为中两种方法:You can alter this default behavior in two other ways:

  1. 在每个线程进行的托管代码。In managed code on a per-thread basis.

    可以通过修改禁止显示上每个线程进行的流ExecutionContextSecurityContext通过使用设置ExecutionContext.SuppressFlowSecurityContext.SuppressFlowWindowsIdentitySecurityContext.SuppressFlow方法。You can suppress the flow on a per-thread basis by modifying the ExecutionContext and SecurityContext settings by using the ExecutionContext.SuppressFlow, SecurityContext.SuppressFlowWindowsIdentity or SecurityContext.SuppressFlow method.

  2. 在对非托管承载接口来加载公共语言运行时 (CLR) 的调用。In the call to the unmanaged hosting interface to load the common language runtime (CLR).

    如果使用非托管承载接口 (而不是一个简单托管可执行文件) 用于将 CLR 加载,则可以对的调用中指定特殊标志CorBindToRuntimeEx 函数函数。If an unmanaged hosting interface (instead of a simple managed executable) is used to load the CLR, you can specify a special flag in the call to the CorBindToRuntimeEx Function function. 若要启用的整个过程的兼容性模式,设置flags参数CorBindToRuntimeEx 函数STARTUP_LEGACY_IMPERSONATION 到。To enable the compatibility mode for the entire process, set the flags parameter for CorBindToRuntimeEx Function to STARTUP_LEGACY_IMPERSONATION.

有关详细信息,请参阅 <alwaysFlowImpersonationPolicy > 元素For more information, see the <alwaysFlowImpersonationPolicy> Element.

配置文件Configuration File

在.NET Framework 应用程序中,可以仅在应用程序配置文件中使用此元素。In a .NET Framework application, this element can be used only in the application configuration file.

在中找到的 aspnet.config 文件中可以为 ASP.NET 应用程序中,配置模拟流<Windows 文件夹 > \Microsoft.NET\Framework\vx.x.xxxx 目录。For an ASP.NET application, the impersonation flow can be configured in the aspnet.config file found in the <Windows Folder>\Microsoft.NET\Framework\vx.x.xxxx directory.

默认情况下 ASP.NET 通过使用以下配置设置可以禁用 aspnet.config 文件中的模拟流:ASP.NET by default disables the impersonation flow in the aspnet.config file by using the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
      <alwaysFlowImpersonationPolicy enabled="false"/>  
   </runtime>  
</configuration>  

在 ASP.NET 中,如果你想要允许的模拟流相反,您必须显式使用以下配置设置:In ASP.NET, if you want to allow the flow of impersonation instead, you must explicitly use the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="false"/>  
      <alwaysFlowImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

示例Example

下面的示例演示如何指定不会跨异步点流动的 Windows 标识的旧行为。The following example shows how to specify the legacy behavior that does not flow the Windows identity across asynchronous points.

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

请参阅See also