<alwaysFlowImpersonationPolicy> 項目<alwaysFlowImpersonationPolicy> Element

指定 Windows 識別一律流經非同步點,而不論模擬的執行方式為何。Specifies that the Windows identity always flows across asynchronous points, regardless of how impersonation was performed.

<configuration>
  <runtime>
    <alwaysFlowImpersonationPolicy>\

SyntaxSyntax

<alwaysFlowImpersonationPolicy
  enabled="true|false"/>  

屬性和項目Attributes and Elements

下列章節說明屬性、子元素和父元素。The following sections describe attributes, child elements, and parent elements.

屬性Attributes

屬性Attribute 描述Description
enabled 必要屬性。Required attribute.

指出 Windows 身分識別是否流經非同步點。Indicates whether the Windows identity flows across asynchronous points.

啟用屬性enabled Attribute

Value 描述Description
false 除非透過 managed 方法(例如)執行模擬,否則 Windows 身分識別不會在非同步點之間流動 ImpersonateThe Windows identity does not flow across asynchronous points, unless the impersonation is performed through managed methods such as Impersonate. 此為預設值。This is the default.
true Windows 身分識別一律會流經非同步點,而不論模擬的執行方式為何。The Windows identity always flows across asynchronous points, regardless of how impersonation was performed.

子元素Child Elements

無。None.

父項目Parent Elements

項目Element 描述Description
configuration 通用語言執行平台和 .NET Framework 應用程式所使用之每個組態檔中的根項目。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有關組件繫結和記憶體回收的資訊。Contains information about assembly binding and garbage collection.

備註Remarks

在 .NET Framework 1.0 和1.1 版中,Windows 身分識別不會在非同步點之間流動。In the .NET Framework versions 1.0 and 1.1, the Windows identity does not flow across asynchronous points. 在 .NET Framework 2.0 版中,有一個 ExecutionContext 物件包含目前執行中線程的相關資訊,並在應用程式域內的非同步點之間流動。In the .NET Framework version 2.0, there is an ExecutionContext object that contains information about the currently executing thread, and flows it across asynchronous points within an application domain. WindowsIdentity它也會在流經非同步點的資訊中流動,但前提是使用 managed 方法(例如 Impersonate ,而不是透過其他方法(例如平台叫用)來達到模擬。The WindowsIdentity also flows as part of the information that flows across the asynchronous points, provided the impersonation was achieved using managed methods such as Impersonate and not through other means such as platform invoke to native methods. 這個元素可用來指定 Windows 身分識別會在非同步點之間流動,而不論模擬的達成方式為何。This element is used to specify that the Windows identity does flow across asynchronous points, regardless of how the impersonation was achieved.

您可以透過兩種其他方式來改變這個預設行為:You can alter this default behavior in two other ways:

  1. 在 managed 程式碼中,以每個執行緒為基礎。In managed code on a per-thread basis.

    您可以 ExecutionContext SecurityContext 使用 ExecutionContext.SuppressFlowSecurityContext.SuppressFlowWindowsIdentity 或方法修改和設定,以每個執行緒為基礎來隱藏流程 SecurityContext.SuppressFlowYou can suppress the flow on a per-thread basis by modifying the ExecutionContext and SecurityContext settings by using the ExecutionContext.SuppressFlow, SecurityContext.SuppressFlowWindowsIdentity, or SecurityContext.SuppressFlow method.

  2. 在非受控裝載介面的呼叫中,將 common language runtime 載入 (CLR) 。In the call to the unmanaged hosting interface to load the common language runtime (CLR).

    如果使用非受控裝載介面 (而非簡單的 managed 可執行檔) 用來載入 CLR,您可以在 CorBindToRuntimeEx 函數 函式的呼叫中指定特殊旗標。If an unmanaged hosting interface (instead of a simple managed executable) is used to load the CLR, you can specify a special flag in the call to the CorBindToRuntimeEx Function function. 若要啟用整個進程的相容性模式,請將 flags CorBindToRuntimeEx 函式的參數設定為 STARTUP_ALWAYSFLOW_IMPERSONATIONTo enable the compatibility mode for the entire process, set the flags parameter for CorBindToRuntimeEx Function to STARTUP_ALWAYSFLOW_IMPERSONATION.

組態檔Configuration File

在 .NET Framework 應用程式中,這個元素只能用在應用程式佈建檔中。In a .NET Framework application, this element can be used only in the application configuration file.

針對 ASP.NET 應用程式,您可以在 \Microsoft.NET\Framework\vx.x.xxxx 目錄中找到的 aspnet.config 檔案中設定模擬流程 <Windows Folder> 。For an ASP.NET application, the impersonation flow can be configured in the aspnet.config file found in the <Windows Folder>\Microsoft.NET\Framework\vx.x.xxxx directory.

ASP.NET 預設會使用下列設定來停用 aspnet.config 檔案中的模擬流程:ASP.NET by default disables the impersonation flow in the aspnet.config file by using the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
      <alwaysFlowImpersonationPolicy enabled="false"/>  
   </runtime>  
</configuration>  

在 ASP.NET 中,如果您想要改為允許模擬的流程,您必須明確地使用下列設定:In ASP.NET, if you want to allow the flow of impersonation instead, you must explicitly use the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="false"/>  
      <alwaysFlowImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

範例Example

下列範例示範如何指定 Windows 身分識別流經非同步點,即使是透過 managed 方法以外的方式來達成模擬也是一樣。The following example shows how to specify that the Windows identity flows across asynchronous points, even when the impersonation is achieved through means other than managed methods.

<configuration>  
  <runtime>  
    <alwaysFlowImpersonationPolicy enabled="true"/>  
  </runtime>  
</configuration>  

另請參閱See also