C# WCF模拟不拒绝文件系统访问权限
我无法使自托管WCF应用程序尊重服务器端模拟文件系统访问权限 当我运行该服务时(我可以毫无问题地连接),我能够访问我不应该访问的文件系统,在本例中是CreateDirectory()。当客户端调用该服务时,我可以看到它击中了服务器,但它没有被拒绝访问文件系统,并且仍然在受限文件夹中创建一个目录 我拒绝了对当前用户文件夹的访问权限,并尝试在服务器从主线程启动时创建目录,但由于访问被拒绝而失败。当我调用WindowsIdentity.GetCurrent()时应该注意。Name它在两个实例中显示为相同的名称 我在下面列出了服务器端和客户端连接的设置配置的端点 服务合同代码:C# WCF模拟不拒绝文件系统访问权限,c#,wcf,filesystems,impersonation,wshttpbinding,C#,Wcf,Filesystems,Impersonation,Wshttpbinding,我无法使自托管WCF应用程序尊重服务器端模拟文件系统访问权限 当我运行该服务时(我可以毫无问题地连接),我能够访问我不应该访问的文件系统,在本例中是CreateDirectory()。当客户端调用该服务时,我可以看到它击中了服务器,但它没有被拒绝访问文件系统,并且仍然在受限文件夹中创建一个目录 我拒绝了对当前用户文件夹的访问权限,并尝试在服务器从主线程启动时创建目录,但由于访问被拒绝而失败。当我调用WindowsIdentity.GetCurrent()时应该注意。Name它在两个实例中显示为相
public string Ping()
{
System.Security.Principal.WindowsIdentity callerWindowsIdentity = ServiceSecurityContext.Current.WindowsIdentity;
using (callerWindowsIdentity.Impersonate())
{
DirectoryInfo test = Directory.CreateDirectory(@"C:\NoPermisionFolder\Test");
string returnMe = WindowsIdentity.GetCurrent().Name + " " + test.ToString();
return returnMe;
}
}
服务器代码:
// First procedure:
// create a WSHttpBinding that uses Windows credentials and message security
WSHttpBinding myBinding = new WSHttpBinding();
myBinding.Security.Mode = SecurityMode.Message;
myBinding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;
// 2nd Procedure:
// Use the binding in a service
// Create the Type instances for later use and the URI for
// the base address.
Type contractType = typeof(ITest);
Type serviceType = typeof(Test);
Uri baseAddress = new Uri("http://address:port/");
// Create the ServiceHost and add an endpoint, then start
// the service.
ServiceHost myServiceHost = new ServiceHost(serviceType, baseAddress);
myServiceHost.AddServiceEndpoint(contractType, myBinding, "");
//enable metadata
ServiceMetadataBehavior smb = new ServiceMetadataBehavior();
smb.HttpGetEnabled = true;
myServiceHost.Description.Behaviors.Add(smb);
myServiceHost.Open();
Console.WriteLine("Listening");
Console.WriteLine("Press Enter to close the service");
Console.ReadLine();
myServiceHost.Close();
客户端代码:
string address = "http://address:port/";
WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);
binding.Security.Message.ClientCredentialType =
MessageCredentialType.Windows;
EndpointAddress endpointAddress = new EndpointAddress(new Uri(address),
EndpointIdentity.CreateSpnIdentity("host/computerAddress"));
TestClient client = new TestClient(binding, endpointAddress);//"WSHttpBinding_ITest");
client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
client.Open();
string test = client.Ping();
client.Close();
Console.WriteLine(test);
Console.WriteLine("Press Enter to close the service");
Console.ReadLine();