WCF user identity issue when try to impersonate

Question

WCF user identity issue when try to impersonate

I have WCF 3.5 service written by other company but I have source code. I have two clients, first is Silverlight (written by the same company) and second ASP page created by me.

I have following error on WCF site:

using(((WindowsIdentity)HttpContext.Current.User.Identity).Impersonate())
{
    SomeClass.SomeMethod();
}

The Identity is almost the same.

Identity for silverlight call:

Name=Contoso\Administrator
Authenticated=True
Type=Negotiate
ImpersonationLevel=**Impersonation**
IsAnonymous=False
IsGuest=False
IsSystem=False

Identity for ASP Web call:

Name=Contoso\Administrator
Authenticated=True
Type=Negotiate
ImpersonationLevel=**Identification**
IsAnonymous=False
IsGuest=False
IsSystem=False

So the difference is in ImpresonationLevel value. Do you have any idea how can I fix it?

Exception:

System.IO.FileLoadException: Could not load file or assembly 'System.Transactions, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' or one of its dependencies. Either a required impersonation level was not provided, or the provided impersonation level is invalid. (Exception from HRESULT: 0x80070542)
File name: 'System.Transactions, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' ---> System.Runtime.InteropServices.COMException (0x80070542): Either a required impersonation level was not provided, or the provided impersonation level is invalid. (Exception from HRESULT: 0x80070542)

Server stack trace: 
   at System.ServiceModel.Channels.ServiceChannel.OnAbort()
   at System.ServiceModel.Channels.CommunicationObject.Abort()
   at System.ServiceModel.Channels.CommunicationObject.Close(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.System.IDisposable.Dispose()

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at System.IDisposable.Dispose()
   at Microsoft.ResourceManagement.Client.WsTransfer.WsTransferClient.Put(Message request) 
   at Microsoft.ResourceManagement.Client.WsTransfer.WsTransferClient.Put(PutRequest request) 
   at Microsoft.ResourceManagement.Client.DefaultClient.Put(RmResourceChanges transaction) 
   at SomeClass.SomeMethod(some_parames)

asp.net

.net

wcf

silverlight

impersonation

asked on Stack Overflow Jul 24, 2014 by

Konrad Sikorski

1 Answer

I have solved my problem.

To switch ImpersonationLevel from Identification to Impersonation you must update the client wcf behavior configuration. It should looks like this (the most important is the allowedImpersonationLevel attribute):

<system.serviceModel>   
    <client>
      <endpoint ... 
                behaviorConfiguration="ImpersonationBehavior" />
    </client>
    <behaviors>
       <endpointBehaviors>
          <behavior name="ImpersonationBehavior">
             <clientCredentials>
                  <windows allowedImpersonationLevel="Impersonation" />
             </clientCredentials>
          </behavior>
       </endpointBehaviors>
    </behaviors>
</system.serviceModel>

By default WCF use Identification if nothing is specified.

answered on Stack Overflow Jul 25, 2014 by

Konrad Sikorski

User contributions licensed under CC BY-SA 3.0