Reading of identity while executing service operation


When the client and service interoperate using, for example, Basic authentication on the transport layer (security mode = Transport or TransportCredentialOnly), it is often necessary to read or access the client’s credentials in the context of the service.

 

The following code snippet shows how the client credentials are set on the client’s side:

 

proxy.ClientCredentials.UserName.UserName = "computername\\username";

proxy.ClientCredentials.UserName.Password = "****";

 

Here are some useful examples showing how to read the different identities on the server while the service is stopped inside a service operation:

 

 

Host’s identity: System.Security.Principal.WindowsIdentity.GetCurrent()

 

System.Security.Principal.WindowsIdentity.GetCurrent()

{System.Security.Principal.WindowsIdentity}

    AuthenticationType: "Kerberos"

    Groups: {System.Security.Principal.IdentityReferenceCollection}

    ImpersonationLevel: None

    IsAnonymous: false

    IsAuthenticated: true

    IsGuest: false

    IsSystem: false

    Name: "Domain\\hostusername"

    Owner: {S-1-5-21-1482476501-707799877-7743024077-1014}

    Token: 1124

    User: {S-1-5-01-1187476200-706689821-1343024091-1014}

 

 

Client’s identity impersonated in the thread of the service operation: System.Threading.Thread.CurrentPrincipal.Identity

 

{System.Security.Principal.WindowsIdentity}

    [System.Security.Principal.WindowsIdentity]: {System.Security.Principal.WindowsIdentity}

    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"

    IsAuthenticated: true

    Name: " computername\\user "

 

 

Client’s primary identity in the service operation:

OperationContext.Current.ServiceSecurityContext.PrimaryIdentity

 

{System.Security.Principal.WindowsIdentity}

    [System.Security.Principal.WindowsIdentity]: {System.Security.Principal.WindowsIdentity}

    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"

    IsAuthenticated: true

    Name: "computername\\user"

 

 

 

Client’s Windows identity in the service operation: OperationContext.Current.ServiceSecurityContext.WindowsIdentity

 

{System.Security.Principal.WindowsIdentity}

    AuthenticationType: "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0"

    Groups: {System.Security.Principal.IdentityReferenceCollection}

    ImpersonationLevel: Impersonation

    IsAnonymous: false

    IsAuthenticated: true

    IsGuest: false

    IsSystem: false

    Name: " computername\\user"

    Owner: {S-1-5-21-1482476501-707799877-7743024077-1014}

    Token: 1124

    User: {S-1-5-01-1187476200-706689821-1343024091-1014}
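
The four reads above, gathered into one service operation that returns them as a single string; this is an added example, not code from the original post. The contract and class names are hypothetical, and it assumes a binding that authenticates the caller as described on this page. It also reports whether the thread is impersonating, since WindowsIdentity.GetCurrent() returns the host's identity unless it is.

```csharp
using System;
using System.Security.Principal;
using System.ServiceModel;
using System.Threading;

[ServiceContract]
public interface IIdentityProbe             // hypothetical contract name
{
    [OperationContract]
    string DescribeCaller();
}

public class IdentityProbe : IIdentityProbe // hypothetical service class
{
    public string DescribeCaller()
    {
        // Null when the binding carries no security; anonymous when the
        // client presented no credentials.
        ServiceSecurityContext ctx = OperationContext.Current.ServiceSecurityContext;
        if (ctx == null || ctx.IsAnonymous)
            throw new FaultException("Caller is not authenticated.");

        // Host process identity, or the thread token if the thread is impersonating.
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
        // GetCurrent(true) returns null unless the thread is impersonating.
        using (WindowsIdentity threadToken = WindowsIdentity.GetCurrent(true))
        {
            IIdentity primary = ctx.PrimaryIdentity;          // caller, any credential type
            WindowsIdentity callerWin = ctx.WindowsIdentity;  // caller's Windows token
            IIdentity threadId = Thread.CurrentPrincipal.Identity;

            return string.Format(
                "host={0} ({1}); primary={2} ({3}); windows={4} level={5}; " +
                "thread principal={6}; impersonating={7}",
                current.Name, current.AuthenticationType,
                primary.Name, primary.AuthenticationType,
                callerWin.Name, callerWin.ImpersonationLevel,
                threadId.Name, threadToken != null);
        }
    }
}
```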


Posted Jul 31 2006, 06:26 PM by Damir Dobric