developers.de
daenet's .NET Community

Reading of identity while executing service operation


When the client and service interoperate using, for example, Basic authentication on the transport layer (security mode = Transport or TransportCredentialOnly), it is often necessary to read or access the client’s credentials in the context of the service.

The following code snippet shows how the client credentials are set on the client’s side:

proxy.ClientCredentials.UserName.UserName = "computername\\username";
proxy.ClientCredentials.UserName.Password = "****";

Here are some useful examples showing how to read the different identities on the server when execution is stopped inside a service operation:

Host’s identity: System.Security.Principal.WindowsIdentity.GetCurrent()

System.Security.Principal.WindowsIdentity.GetCurrent()
{System.Security.Principal.WindowsIdentity}
    AuthenticationType: "Kerberos"
    Groups: {System.Security.Principal.IdentityReferenceCollection}
    ImpersonationLevel: None
    IsAnonymous: false
    IsAuthenticated: true
    IsGuest: false
    IsSystem: false
    Name: "Domain\\hostusername"
    Owner: {S-1-5-21-1482476501-707799877-7743024077-1014}
    Token: 1124
    User: {S-1-5-01-1187476200-706689821-1343024091-1014}

Client’s identity impersonated in the thread of the service operation: System.Threading.Thread.CurrentPrincipal.Identity

{System.Security.Principal.WindowsIdentity}
    [System.Security.Principal.WindowsIdentity]: {System.Security.Principal.WindowsIdentity}
    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
    IsAuthenticated: true
    Name: " computername\\user "

Client’s primary identity in the service operation: OperationContext.Current.ServiceSecurityContext.PrimaryIdentity

{System.Security.Principal.WindowsIdentity}
    [System.Security.Principal.WindowsIdentity]: {System.Security.Principal.WindowsIdentity}
    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
    IsAuthenticated: true
    Name: "computername\\user"

Client’s Windows identity in the service operation: OperationContext.Current.ServiceSecurityContext.WindowsIdentity

{System.Security.Principal.WindowsIdentity}
    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"
    Groups: {System.Security.Principal.IdentityReferenceCollection}
    ImpersonationLevel: Impersonation
    IsAnonymous: false
    IsAuthenticated: true
    IsGuest: false
    IsSystem: false
    Name: " computername\\user"
    Owner: {S-1-5-21-1482476501-707799877-7743024077-1014}
    Token: 1124
    User: {S-1-5-01-1187476200-706689821-1343024091-1014}
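
The identity lookups listed in this post, combined in one self-hosted service operation that rejects unauthenticated callers before reading them. This is an added example, not code from the original post; the contract IWhoAmI, the class names and the localhost address are assumptions made for illustration.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;
using System.Threading;

[ServiceContract]
public interface IWhoAmI // hypothetical contract, not from the original post
{
    [OperationContract]
    string Describe();
}

public class WhoAmIService : IWhoAmI
{
    public string Describe()
    {
        // Current is null when the binding carries no security at all.
        ServiceSecurityContext ctx = ServiceSecurityContext.Current;
        if (ctx == null || ctx.IsAnonymous || !ctx.PrimaryIdentity.IsAuthenticated)
            throw new FaultException("Caller is not authenticated.");

        // Host identity: the account the service process runs under.
        string host = WindowsIdentity.GetCurrent().Name;
        // Caller identities, read the three ways listed in the post.
        string thread = Thread.CurrentPrincipal.Identity.Name;
        string primary = ctx.PrimaryIdentity.Name;
        WindowsIdentity win = ctx.WindowsIdentity;
        // Authorization and audit records use the caller, never 'host'.
        return string.Format("host={0}; thread={1}; primary={2}; windows={3}; level={4}",
            host, thread, primary, win.Name, win.ImpersonationLevel);
    }
}

public static class Program
{
    public static void Main()
    {
        // Basic authentication on the transport layer, as in the post.
        // TransportCredentialOnly sends it over plain HTTP; Transport uses HTTPS.
        var binding = new BasicHttpBinding(BasicHttpSecurityMode.TransportCredentialOnly);
        binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
        var address = new Uri("http://localhost:8080/whoami"); // assumed address
        using (var host = new ServiceHost(typeof(WhoAmIService), address))
        {
            host.AddServiceEndpoint(typeof(IWhoAmI), binding, "");
            host.Open();
            Console.ReadLine(); // keep the host open until Enter is pressed
        }
    }
}
```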


Posted Jul 31 2006, 06:26 PM by Damir Dobric