我有一个非常简单的客户端 - 服务器应用程序,我用它来分隔两个不能在同一个进程中共存的组件。在开发它们时(服务器是一个exe,客户端是一个库),我所有的单元测试都像猪粪一样高兴。当我继续在其他地方重新使用库时,我得到以下异常:
System.Runtime.Remoting.RemotingException: An error occurred while processing the request on the server: System.Security.SecurityException: Cannot open an anonymous level security token.
at System.Security.Principal.WindowsIdentity.GetCurrentInternal(TokenAccessLevels desiredAccess, Boolean threadOnly)
at System.Security.Principal.WindowsIdentity.GetCurrent()
at System.Runtime.Remoting.Channels.Ipc.IpcServerTransportSink.ServiceRequest(Object state)
The Zone of the assembly that failed was:
MyComputer.
我已经在代码中设置了双方的远程处理,而不是在此阶段为了简单而配置文件。它们实际上完全相同:
BinaryClientFormatterSinkProvider client = new BinaryClientFormatterSinkProvider();
BinaryServerFormatterSinkProvider server = new BinaryServerFormatterSinkProvider();
server.TypeFilterLevel = TypeFilterLevel.Full;
Hashtable config = new Hashtable();
config["name"] = "SomeName";
config["portName"] = "SomePortName";
config["typeFilterLevel"] = "Full";
config["impersonate"] = "true";
config["tokenImpersonationLevel"] = "Impersonation";
config["useDefaultCredentials"] = "True";
config["secure"] = "True";
Channel = new IpcChannel(config, client, server);
所以问题是:为什么远程控制框架在启用模拟时想要创建匿名令牌?我已经完全用尽了地方寻找答案。
答案 0 :(得分:0)
IT'不是答案
我知道这是一个古老的问题,但也许有人找到了解决方案。我有与作者类似的设置,但只需要识别级别:
服务器端:
Dictionary<string, object> properties = new Dictionary<string, object>();
properties["authorizedGroup"] = GetUsersGroupName();
properties["name"] = configuration.ServiceShortName + ".Server";
properties["portName"] = configuration.ServiceGuid;
BinaryServerFormatterSinkProvider sinkProvider = new BinaryServerFormatterSinkProvider();
sinkProvider.TypeFilterLevel = TypeFilterLevel.Full;
Channel = new IpcServerChannel(properties, sinkProvider);
Channel.IsSecured = true;
ChannelServices.RegisterChannel(Channel, true);
RemotingConfiguration.RegisterWellKnownServiceType(typeof(AppManagerServer), configuration.ServerObjectUrl, WellKnownObjectMode.SingleCall);
string GetUsersGroupName()
{
const string builtInUsersGroup = "S-1-5-32-545";
SecurityIdentifier sid = new SecurityIdentifier(builtInUsersGroup);
NTAccount ntAccount = (NTAccount)sid.Translate(typeof(NTAccount));
return ntAccount.Value;
}
客户方:
channel = new IpcClientChannel(AppManagerConfiguration.Instance.ServiceShortName + ".Client", null);
ChannelServices.RegisterChannel(channel, true);
string appManagerUrl = "ipc://" + AppManagerConfiguration.Instance.ServiceGuid + "/" + AppManagerConfiguration.Instance.ServerObjectUrl;
(IAppManager)Activator.GetObject(typeof(IAppManager), appManagerUrl).DoSomething();
然后间歇性地得到以下内容: 在服务器上处理请求时发生错误:System.Security.SecurityException:无法打开匿名级安全令牌。
在System.Security.Principal.WindowsIdentity.GetCurrentInternal(TokenAccessLevels desiredAccess,Boolean threadOnly)
在System.Security.Principal.WindowsIdentity.GetCurrent()
at System.Runtime.Remoting.Channels.Ipc.IpcServerTransportSink.ServiceRequest(Object state)
失败的程序集区域是: 我的电脑