The athentication modes using Kerberos do not support the impersonation level 'Delegation'. Specify identification or impersonation.Parameter name: tokenImpersonationLevel

今天在使用WCF中的KerberosRequestorSecurityToken时候报了如题目所说的这个错误,反编译看来一下原来这个类仅仅支持

TokenImpersonationLevel.Identification 和TokenImpersonationLevel.Impersonation,

我的使用方法如下:

KerberosRequestorSecurityToken kqToken = new KerberosRequestorSecurityToken(targetPrincipal,
                                    System.Security.Principal.TokenImpersonationLevel.Delegation,
                                    null, "");
byte[] token = kqToken.GetRequest();

 

后来经过一番调查,发现在WSE中有相关的类可以使用,便将代码改成下边的样子,引用”Microsoft.Web.Services3.dll”,工作正常。

KerberosClientContext context = new KerberosClientContext(targetPrincipal, true, ImpersonationLevel.Delegation);
byte[] token = context.InitializeContext();

posted @ 2009-12-01 16:57  彷徨......  阅读(301)  评论(0编辑  收藏  举报