4

I have a WCF service with "ImpersonationOption.Required". The impersonation does not seem to flow through when using parallelism. For example:

Parallel.ForEach(items => results.Add(SystemUtil.WindowsUser.Name)

Will return a number with the impersonated user, and a number with the app pool user. Can impersonation be made to work with parallelism?

Best,

Marc

Update:

This is actual code on the IIS Service side.

[OperationBehavior(Impersonation = ImpersonationOption.Required)]
public string[] WhoAmI(int numOfTests)
{
    var tests = new List<int>();
    for (var i = 0; i < numOfTests; i++)
        tests.Add(i);

    var results = new ConcurrentBag<string>();
    Parallel.ForEach(tests, (test) => results.Add(WindowsIdentity.GetCurrent(false).Name));
    return results.ToArray();
}

If I pass in numOfTests = 10, it spawns 10 tasks and return the WindowsIndentity Name of each task. What I get is ~70% "IIS APPPOOL.NET v4.0" and ~30% me.

How can I set it such that my identity always makes it into the Parallel.ForEach?

Thanks!

user1582843
  • 75
  • 5
  • 1
    Please post exact code, this makes no sense. – H H Sep 12 '12 at 20:37
  • I have updated the issue with exact code. – user1582843 Sep 25 '12 at 17:45
  • Re-write this as a normal For each loop (`foreach(timer in timers) { results.Add(WindowsIdentity.GetCurrent(false).Name; }`) and you will see the problem, You never do anything with `timer` inside the loop so you are just executing the same code over and over again so of course you will get the same result each time. – Scott Chamberlain Sep 25 '12 at 18:01
  • OK, much better question this way and even interesting. If it doesn't reopen in a day or so, re-post. – H H Sep 25 '12 at 19:31
  • As an explanation I would say that the main thread is doing part of the ForEach, impersonated, and that extra Threads do not impersonate. The number 10 is too small to get a real distribution. – H H Sep 26 '12 at 19:30

1 Answers1

2

You need to take care of that yourself. Try something like this:

IntPtr token = WindowsIdentity.GetCurrent().Token;

Parallel.ForEach( Enumerable.Range( 1, 100 ), ( test ) =>
{
    using ( WindowsIdentity.Impersonate( token ) )
    {
          Console.WriteLine( WindowsIdentity.GetCurrent( false ).Name );
    }
} );
Ivan Zlatanov
  • 5,146
  • 3
  • 29
  • 45
  • This worked -- thanks! We were lucky that we wrap Parallel.ForEach calls into an extension method so I only had to change in one place. – user1582843 Sep 27 '12 at 16:13