<legacyImpersonationPolicy> 項目<legacyImpersonationPolicy> Element

指定 Windows 識別不會流經非同步點,而不論目前執行緒上執行內容的流程設定為何。Specifies that the Windows identity does not flow across asynchronous points, regardless of the flow settings for the execution context on the current thread.

<configuration>
  <runtime>
    <legacyImpersonationPolicy>

SyntaxSyntax

<legacyImpersonationPolicy
   enabled="true|false"/>  

屬性和項目Attributes and Elements

下列章節說明屬性、子元素和父元素。The following sections describe attributes, child elements, and parent elements.

屬性Attributes

屬性Attribute 描述Description
enabled 必要屬性。Required attribute.

指定 WindowsIdentity 不論 ExecutionContext 目前線程上的流程設定為何,都不會在非同步點之間流動。Specifies that the WindowsIdentity does not flow across asynchronous points, regardless of the ExecutionContext flow settings on the current thread.

啟用屬性enabled Attribute

Value 描述Description
false WindowsIdentity 依據目前線程的流程設定,在非同步點之間流動 ExecutionContextWindowsIdentity flows across asynchronous points depending upon the ExecutionContext flow settings for the current thread. 此為預設值。This is the default.
true WindowsIdentity 無論 ExecutionContext 目前線程上的流程設定為何,都不會在非同步點之間流動。WindowsIdentity does not flow across asynchronous points, regardless of the ExecutionContext flow settings on the current thread.

子元素Child Elements

無。None.

父項目Parent Elements

項目Element 描述Description
configuration 通用語言執行平台和 .NET Framework 應用程式所使用之每個組態檔中的根項目。The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime 包含有關組件繫結和記憶體回收的資訊。Contains information about assembly binding and garbage collection.

備註Remarks

在 .NET Framework 1.0 和1.1 版中,不 WindowsIdentity 會在任何使用者定義的非同步點之間流動。In the .NET Framework versions 1.0 and 1.1, the WindowsIdentity does not flow across any user-defined asynchronous points. 從 .NET Framework 版本2.0 開始,有一個 ExecutionContext 物件包含目前執行中線程的相關資訊,並且會在應用程式域內的非同步點之間流動。Starting with the .NET Framework version 2.0, there is an ExecutionContext object that contains information about the currently executing thread, and it flows across asynchronous points within an application domain. WindowsIdentity包含在此執行內容中,因此也會在非同步點之間流動,這表示如果有模擬內容,則也會進行流動。The WindowsIdentity is included in this execution context and therefore also flows across the asynchronous points, which means that if an impersonation context exists, it will flow as well.

從 .NET Framework 2.0 開始,您可以使用 <legacyImpersonationPolicy> 元素來指定不 WindowsIdentity 會在非同步點之間流動。Starting with the .NET Framework 2.0, you can use the <legacyImpersonationPolicy> element to specify that WindowsIdentity does not flow across asynchronous points.

注意

Common language runtime (CLR) 知道使用 managed 程式碼執行的模擬作業,而不是在 managed 程式碼之外執行的模擬,例如透過平台叫用至非受控程式碼,或直接呼叫 Win32 函數。The common language runtime (CLR) is aware of impersonation operations performed using only managed code, not of impersonation performed outside of managed code, such as through platform invoke to unmanaged code or through direct calls to Win32 functions. WindowsIdentity除非已將專案設定為 true,否則只有 managed 物件可以在非同步點之間流動 alwaysFlowImpersonationPolicy (<alwaysFlowImpersonationPolicy enabled="true"/>) 。Only managed WindowsIdentity objects can flow across asynchronous points, unless the alwaysFlowImpersonationPolicy element has been set to true (<alwaysFlowImpersonationPolicy enabled="true"/>). 將專案設定 alwaysFlowImpersonationPolicy 為 true,會指定無論模擬的執行方式為何,Windows 身分識別一律會流經非同步點。Setting the alwaysFlowImpersonationPolicy element to true specifies that the Windows identity always flows across asynchronous points, regardless of how impersonation was performed. 如需跨非同步點流動非受控模擬的詳細資訊,請參閱 <alwaysFlowImpersonationPolicy> 元素For more information on flowing unmanaged impersonation across asynchronous points, see <alwaysFlowImpersonationPolicy> Element.

您可以透過兩種其他方式來改變這個預設行為:You can alter this default behavior in two other ways:

  1. 在 managed 程式碼中,以每個執行緒為基礎。In managed code on a per-thread basis.

    您可以 ExecutionContext SecurityContext 使用 ExecutionContext.SuppressFlowSecurityContext.SuppressFlowWindowsIdentity 或方法修改和設定,以每個執行緒為基礎來隱藏流程 SecurityContext.SuppressFlowYou can suppress the flow on a per-thread basis by modifying the ExecutionContext and SecurityContext settings by using the ExecutionContext.SuppressFlow, SecurityContext.SuppressFlowWindowsIdentity or SecurityContext.SuppressFlow method.

  2. 在非受控裝載介面的呼叫中,將 common language runtime 載入 (CLR) 。In the call to the unmanaged hosting interface to load the common language runtime (CLR).

    如果使用非受控裝載介面 (而非簡單的 managed 可執行檔) 用來載入 CLR,您可以在 CorBindToRuntimeEx 函數 函式的呼叫中指定特殊旗標。If an unmanaged hosting interface (instead of a simple managed executable) is used to load the CLR, you can specify a special flag in the call to the CorBindToRuntimeEx Function function. 若要啟用整個進程的相容性模式,請將 flags CorBindToRuntimeEx 函式的參數設定為 STARTUP_LEGACY_IMPERSONATION。To enable the compatibility mode for the entire process, set the flags parameter for CorBindToRuntimeEx Function to STARTUP_LEGACY_IMPERSONATION.

如需詳細資訊,請參閱 <alwaysFlowImpersonationPolicy> 元素For more information, see the <alwaysFlowImpersonationPolicy> Element.

組態檔Configuration File

在 .NET Framework 應用程式中,這個元素只能用在應用程式佈建檔中。In a .NET Framework application, this element can be used only in the application configuration file.

針對 ASP.NET 應用程式,您可以在 \Microsoft.NET\Framework\vx.x.xxxx 目錄中找到的 aspnet.config 檔案中設定模擬流程 <Windows Folder> 。For an ASP.NET application, the impersonation flow can be configured in the aspnet.config file found in the <Windows Folder>\Microsoft.NET\Framework\vx.x.xxxx directory.

ASP.NET 預設會使用下列設定來停用 aspnet.config 檔案中的模擬流程:ASP.NET by default disables the impersonation flow in the aspnet.config file by using the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
      <alwaysFlowImpersonationPolicy enabled="false"/>  
   </runtime>  
</configuration>  

在 ASP.NET 中,如果您想要改為允許模擬的流程,您必須明確地使用下列設定:In ASP.NET, if you want to allow the flow of impersonation instead, you must explicitly use the following configuration settings:

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="false"/>  
      <alwaysFlowImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

範例Example

下列範例示範如何指定不會跨非同步點傳送 Windows 身分識別的舊版行為。The following example shows how to specify the legacy behavior that does not flow the Windows identity across asynchronous points.

<configuration>  
   <runtime>  
      <legacyImpersonationPolicy enabled="true"/>  
   </runtime>  
</configuration>  

另請參閱See also