I use the below snippet of code to fetch the client user name in my WCF service. On one of my servers, I am getting the wrong client name. My client is Win7 talking to Server 2008R2 in a workgroup configuration and both machines have users Dave and Dave_Admin. Both are admin on Win7 and only the latter is admin on the server. Problem is I start my client as Dave and the server shows the client as Dave_Admin. I have debugged the identities on both sides of the connection as Dave on the client and Dave_Admin on the server. The claim resources also show the Dave_Admin SID.

The only two reasons I can imagine this happens are:

  1. the server somehow finds user Dave_Admin looking for Dave which I doubt, or
  2. after setup, I may have renamed administrative user Dave to Dave_Admin and then created a new user Dave as a standard user.

I only have a vague recollection I may have done that but am not sure if I did or not. The c:\users folder looks normal. If I did do this, and this is the reason, is there any way to correct it?

Anyone have another possible explanation or means to fix if this happens after a user rename?

OperationContext lContext = OperationContext.Current;
RemoteEndpointMessageProperty mEndpointMessageProperties = lContext.IncomingMessageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;

mIdentity = lContext.ServiceSecurityContext.WindowsIdentity;
mUserName = mIdentity.Name;
mIPAddress = mEndpointMessageProperties.Address;
mPort = mEndpointMessageProperties.Port;
mConsoleID = string.Format("IP:{0}Port:{1}", mIPAddress, mPort);
mCallbackInterface = lContext.GetCallbackChannel<IConsoleCallbacks>();
mAuthority = TxWcfServer.sSelf.Authorized(mIdentity); // get the user's authority from the WcfServer when they logged on

// show client information
if (AppSupport.IsLogLevel(LogLevel.WCF))
{
   // show the various security contexts
   var x = lContext.ServiceSecurityContext;
   AppSupport.WriteLog(LogLevel.Note, "*** WCF WindowsIdentity is '{0}'.", x.WindowsIdentity.Name);
   AppSupport.WriteLog(LogLevel.Note, "*** WCF PrimaryIdentity is '{0}'.", x.PrimaryIdentity.Name);
   AppSupport.WriteLog(LogLevel.Note, "*** WCF IsAnonymous is '{0}'.", x.IsAnonymous);

   foreach (ClaimSet claimset in ServiceSecurityContext.Current.AuthorizationContext.ClaimSets)
   {
      foreach (System.IdentityModel.Claims.Claim claim in claimset)
      {
          // Write out each claim type, claim value, and the right. There are two 
          // possible values for the right: "identity" and "possessproperty". 
          AppSupport.WriteLog(LogLevel.Note, "*** WCF Claim Type: {0}, Resource: {1} Right: {2}",
                        claim.ClaimType, claim.Resource.ToString(), claim.Right);
      }
   }
}    
marc_s
Dave

1 Answer

You need to turn on impersonation on your WCF service for your code to be able to get the client context; otherwise you'll be getting the service context (which is probably why you get Dave_Admin instead of Dave, as your service is running as Dave_Admin).

This post has information on how to turn it on: http://msdn.microsoft.com/en-us/library/ms730088.aspx

Ramiro Berrelleza
  • Thanks for the thought but that is not the problem. I should have mentioned that I get the client credentials just fine for the other clients. Also the service context is LocalSystem, not my admin self. I'm pretty sure this is related to my renaming the user a while back. I wonder if there is any way to dig into the LSA/SAM to see what is really there? – Dave Dec 21 '12 at 05:12
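
An added example, not part of the original posts: one way to see what the server's local account database holds is to list each local user with its SID and resolve the SID from the service's `WindowsIdentity` back to a name. Renaming a Windows account changes its name but not its SID, so this output shows which account a given SID belongs to today. The class name `LocalAccountAudit` and the stand-in input in `Main` are assumptions made for this example.

```csharp
using System;
using System.DirectoryServices.AccountManagement; // add a reference to this assembly
using System.Security.Principal;

static class LocalAccountAudit
{
    // Print every account in this machine's local SAM with its SID.
    // A rename changes the name column only; the SID stays with the account.
    public static void DumpLocalUsers()
    {
        using (var ctx = new PrincipalContext(ContextType.Machine))
        using (var filter = new UserPrincipal(ctx))
        using (var searcher = new PrincipalSearcher(filter))
        using (var results = searcher.FindAll())
        {
            foreach (Principal p in results)
                Console.WriteLine("{0,-24} {1}", p.SamAccountName, p.Sid);
        }
    }

    // Resolve a SID (for example mIdentity.User in the service) to the
    // account name the server currently maps it to.
    public static string Resolve(SecurityIdentifier sid)
    {
        try
        {
            return sid.Translate(typeof(NTAccount)).Value;
        }
        catch (IdentityNotMappedException)
        {
            return "<no account maps to " + sid.Value + ">";
        }
    }

    static void Main()
    {
        DumpLocalUsers();
        // Stand-in input: the SID of the process owner. In the service,
        // pass lContext.ServiceSecurityContext.WindowsIdentity.User instead.
        SecurityIdentifier sid = WindowsIdentity.GetCurrent().User;
        Console.WriteLine("{0} -> {1}", sid, Resolve(sid));
    }
}
```

Run it on the server and compare the SID logged from the claim set against the listed accounts; logging `mIdentity.User` next to `mIdentity.Name` in the service keeps the two visible together.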