C# WCF模拟不拒绝文件系统访问权限_C#_Wcf_Filesystems_Impersonation_Wshttpbinding

C# WCF模拟不拒绝文件系统访问权限

c# wcf filesystems

C# WCF模拟不拒绝文件系统访问权限,c#,wcf,filesystems,impersonation,wshttpbinding,C#,Wcf,Filesystems,Impersonation,Wshttpbinding,我无法使自托管WCF应用程序尊重服务器端模拟文件系统访问权限当我运行该服务时（我可以毫无问题地连接），我能够访问我不应该访问的文件系统，在本例中是CreateDirectory（）。当客户端调用该服务时，我可以看到它击中了服务器，但它没有被拒绝访问文件系统，并且仍然在受限文件夹中创建一个目录我拒绝了对当前用户文件夹的访问权限，并尝试在服务器从主线程启动时创建目录，但由于访问被拒绝而失败。当我调用WindowsIdentity.GetCurrent（）时应该注意。Name它在两个实例中显示为相

我无法使自托管WCF应用程序尊重服务器端模拟文件系统访问权限

当我运行该服务时（我可以毫无问题地连接），我能够访问我不应该访问的文件系统，在本例中是CreateDirectory（）。当客户端调用该服务时，我可以看到它击中了服务器，但它没有被拒绝访问文件系统，并且仍然在受限文件夹中创建一个目录

我拒绝了对当前用户文件夹的访问权限，并尝试在服务器从主线程启动时创建目录，但由于访问被拒绝而失败。当我调用WindowsIdentity.GetCurrent（）时应该注意。Name它在两个实例中显示为相同的名称

我在下面列出了服务器端和客户端连接的设置配置的端点

服务合同代码：

public string Ping()
    {
        System.Security.Principal.WindowsIdentity callerWindowsIdentity = ServiceSecurityContext.Current.WindowsIdentity;
        using (callerWindowsIdentity.Impersonate())
        {
            DirectoryInfo test = Directory.CreateDirectory(@"C:\NoPermisionFolder\Test");

            string returnMe = WindowsIdentity.GetCurrent().Name + " " + test.ToString();

            return returnMe;
        }
    }

服务器代码：

// First procedure:
// create a WSHttpBinding that uses Windows credentials and message security
WSHttpBinding myBinding = new WSHttpBinding();
myBinding.Security.Mode = SecurityMode.Message;
myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

// 2nd Procedure:
// Use the binding in a service
// Create the Type instances for later use and the URI for 
// the base address.
Type contractType = typeof(ITest);
Type serviceType = typeof(Test);
Uri baseAddress = new Uri("http://address:port/");

// Create the ServiceHost and add an endpoint, then start
// the service.
ServiceHost myServiceHost = new ServiceHost(serviceType, baseAddress);
myServiceHost.AddServiceEndpoint(contractType, myBinding, "");

//enable metadata
ServiceMetadataBehavior smb = new ServiceMetadataBehavior();
smb.HttpGetEnabled = true;
myServiceHost.Description.Behaviors.Add(smb);

myServiceHost.Open();
Console.WriteLine("Listening");
Console.WriteLine("Press Enter to close the service");
Console.ReadLine();
myServiceHost.Close();

客户端代码：

string address = "http://address:port/";
WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);
binding.Security.Message.ClientCredentialType = 
MessageCredentialType.Windows;

EndpointAddress endpointAddress = new EndpointAddress(new Uri(address), 
EndpointIdentity.CreateSpnIdentity("host/computerAddress"));

TestClient client = new TestClient(binding, endpointAddress);//"WSHttpBinding_ITest");
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.Open();

string test = client.Ping();

client.Close();

Console.WriteLine(test);
Console.WriteLine("Press Enter to close the service");
Console.ReadLine();