How to impersonate programmatically in WCF

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

To impersonate the original caller programmatically, you need to have access to Windows Identity of the original caller, calling into your WCF service. For this you need to configure your WCF service to require Windows Authentication. Programmatic impersonation allows you to impersonate on specific lines of code rather than the entire operation.
Use the Impersonate method of the ServiceSecurityContext.Current.WindowsIdentity class, as shown here.
public string GetData(int value)
 using (*ServiceSecurityContext*.Current.WindowsIdentity.*Impersonate*())
     // Execute under security context of the original caller

Important: Revert the impersonation when you are done, in the above example the using statement does it for you.

Additional Resources

Last edited May 8, 2008 at 3:59 AM by prashantbansode, version 1


No comments yet.