开发者

Purpose of ServiceSecurityContext.WindowsIdentity?

开发者 https://www.devze.com 2023-01-29 07:40 出处:网络
For what reason does ServiceSecurityContext contain a WindowsIdentity property? Namely, if user is authenticated using windows authentication mechanism, then both ServiceSecurityContext.PrimaryIdent

For what reason does ServiceSecurityContext contain a WindowsIdentity property?

Namely, if user is authenticated using windows authentication mechanism, then both ServiceSecurityContext.PrimaryIdentity and ServiceSecurityContext开发者_开发知识库.WindowsIdentity properties hold exactly the same information, and if user is authenticated using some other authentication mechanism, then ServiceSecurityContext.WindowsIdentity will hold blank identity.

Thus, in first case WindowsIdentity property holds the same data as PrimaryIdentity, while in the second case it holds no data at all ( ie it holds blank identity ).

thank you


Namely, if user is authenticated using windows authentication mechanism, then both ServiceSecurityContext.PrimaryIdentity and ServiceSecurityContext.WindowsIdentity properties hold exactly the same information

Just plain wrong.

ServiceSecurityContext.WindowsIdentity returns the type WindowsIdentity and ServiceSecurity.PrimaryIdentity returns the type IIdentity. The WindowsIdentity type has a lot more properties than IIdentity which help give you more insight, if you need it, into the access rights, claims, tokens, and identity of the authenticated user.

The token in particular can help you impersonate a user and thereby gain access to a privileged resource.

Please see https://msdn.microsoft.com/en-us/library/system.security.principal.windowsidentity%28v=vs.110%29.aspx for details.

0

精彩评论

暂无评论...
验证码 换一张
取 消