Let us see how to impersonate the service call, when client request for the operation
When client try to access the service resource, it does not have permission to do so. In this case, developer can impersonate the client request authorize to access the resource.
[OperationBehavior (Impersonation = ImpersonationOption.Allowed )]
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
Impersonation takes three level of setting
- NotAllowed : This indicate the service should not auto-impersonate
- Allowed : automatically impersonate the caller whenever Windows authentication is used, but it has no effect with other authentication mechanisms
- Required: It makes sure that Windows authentication is used else it will throw exception.
Impersonate all operation:
Impersonation can be allowed for all operation by setting the service Authorization in service behavior section as shown below:
<serviceBehaviors> <behavior name="ServiceBehavior"> <serviceAuthorization impersonateCallerForAllOperations="true" /> </behavior> </serviceBehaviors>