WindowsServiceCredential.IncludeWindowsGroups Property

Reference

Definition

Namespace:: System.ServiceModel.Security

Assembly:: System.ServiceModel.dll

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Gets or sets a value that indicates whether the Windows groups that a client belongs to are included in the security context.

public:
 property bool IncludeWindowsGroups { bool get(); void set(bool value); };

public bool IncludeWindowsGroups { get; set; }

member this.IncludeWindowsGroups : bool with get, set

Public Property IncludeWindowsGroups As Boolean

Property Value

Boolean

true if Windows groups are included in the security context; otherwise, false. The default is true.

Examples

The following code shows how to get this property.

// Create a service host.
Uri httpUri = new Uri("http://localhost/Calculator");
ServiceHost sh = new ServiceHost(typeof(Calculator), httpUri);

// Create a binding that uses a WindowsServiceCredential.
WSHttpBinding b = new WSHttpBinding(SecurityMode.Message);
b.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

// Add an endpoint.
sh.AddServiceEndpoint(typeof(ICalculator), b, "WindowsCalculator");

// Get a reference to the WindowsServiceCredential object.
WindowsServiceCredential winCredential =
    sh.Credentials.WindowsAuthentication;
// Print out values.
Console.WriteLine("IncludeWindowsGroup: {0}",
    winCredential.IncludeWindowsGroups);
Console.WriteLine("UserNamePasswordValidationMode: {0}",
    winCredential.AllowAnonymousLogons);

Console.ReadLine();

' Create a service host.
Dim httpUri As New Uri("http://localhost/Calculator")
Dim sh As New ServiceHost(GetType(Calculator), httpUri)

' Create a binding that uses a WindowsServiceCredential.
Dim b As New WSHttpBinding(SecurityMode.Message)
b.Security.Message.ClientCredentialType = MessageCredentialType.Windows

' Add an endpoint.
sh.AddServiceEndpoint(GetType(ICalculator), b, "WindowsCalculator")

' Get a reference to the WindowsServiceCredential object.
Dim winCredential As WindowsServiceCredential = sh.Credentials.WindowsAuthentication
' Print out values.
Console.WriteLine("IncludeWindowsGroup: {0}", winCredential.IncludeWindowsGroups)
Console.WriteLine("UserNamePasswordValidationMode: {0}", winCredential.AllowAnonymousLogons)

Console.ReadLine()

Remarks

In most scenarios, knowing which Windows groups users belong to provides useful information for authorization decisions. However, if the Windows groups are not required, setting this property to false can improve performance by avoiding a full-group claim population.

Applies to

แชร์ผ่าน