> This is a strange design decision - but in any case you get a
> WindowsIdentity, so you can create a WindowsPrincipal even without
> impersonating (which should only be done if you really need to)

> WindowsPrincipal p = new
> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);

> Hi,
> first of all you have to specify the tokenImpersonationLevel also in the
> server config (IIRC - Identify is the default).
>
> It is true that you only get a WindowsPrincipal when impersonate=true.
>
> This is a strange design decision - but in any case you get a
> WindowsIdentity, so you can create a WindowsPrincipal even without
> impersonating (which should only be done if you really need to)
>
> WindowsPrincipal p = new
> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);
>
> dominick
>
>> Hi,
>> When I try to use impersonation when remoting I always get an
>> exception even
>> when the server and client are on the same computer... Here are my 2
>> config
>> lines for the channels (that's about all there is in each config
>> files)
>> Client <channel ref="tcp" secure="true"
>> tokenImpersonationLevel="Impersonation"
>> protectionLevel="EncryptAndSign"/>
>> Server :
>> <channel ref="tcp" DisplayName="LoginServer" secure="true"
>> port="20000"
>> impersonate="true" protectionLevel="EncryptAndSign"/>
>> The exception I get :
>> "A remote side security requirement was not fulfilled during
>> authentication.
>> Try increasing the ProtectionLevel and/or ImpersonationLevel."
>> I get this exception on the first call after getting the object from
>> the server... It may be important to note the object is marshaled
>> from the server, so the server has an instance of the object and did
>> RemotingServices.Marshal(...) on it. The client gets it using
>> Activator.GetObject... If I use Identification, it works fine, but
>> the WindowsPrincipal does not get through the server to another server
>> (always on the same computer than the original server) containing
>> other objects returned by the marshaled object... so I must use
>> Impersonation and maybe Delegation... but for now, if I use anything
>> else than Identification I get this exception...
>>
>> Can anyone help please?
>>
>> Thanks
>>
>> ThunderMusic
>>
>
>

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message
news:OB$$A7AsGHA.4884@TK2MSFTNGP04.phx.gbl...
> thanks for your quick answer...
>
> even if I set the tokenImpersonationLevel on server side to impersonation,
> it always throw me the exception I stated earlier...
>
>> This is a strange design decision - but in any case you get a
>> WindowsIdentity, so you can create a WindowsPrincipal even without
>> impersonating (which should only be done if you really need to)
> Actually, it seems I have to, because right now, if I want to get an
> object from ServerB to clientA using ServerA as an intermediate, the
> principal sent to the ServerB's Thread.CurrentPrincipal is the ServerA's
> principal and I need clientA's principal... I find it a bit confusing
> because ServerA doesn't make any call to the ServerB object, it only
> passes the reference to ClientA and then ClientA do the call... but I
> guess the Activator.GetObject(...) sets the Thread.CurrentPrincipal so
> we're stuck with the ServerA's principal. So that's why I need
> impersonation and I can't get it to work yet...
>
>> WindowsPrincipal p = new
>> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);
> I know, I already use this exact line, but it does not work because of the
> reason I stated above... ServerB receives ServerA Principal instead of
> ClientA Principal, so it's wrong for what I need.
>
> Do you have any solution or at least a link where there could be something
> useful on the subject? I've read about everythin article on MS site about
> this and found nothing helpful yet...
>
> thanks
>
> ThunderMusic
>
>
>
>
> "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in
> message news:4580be6385f68c87e2fbb2f2920@news.microsoft.com...
>> Hi,
>> first of all you have to specify the tokenImpersonationLevel also in the
>> server config (IIRC - Identify is the default).
>>
>> It is true that you only get a WindowsPrincipal when impersonate=true.
>>
>> This is a strange design decision - but in any case you get a
>> WindowsIdentity, so you can create a WindowsPrincipal even without
>> impersonating (which should only be done if you really need to)
>>
>> WindowsPrincipal p = new
>> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);
>>
>> dominick
>>
>>> Hi,
>>> When I try to use impersonation when remoting I always get an
>>> exception even
>>> when the server and client are on the same computer... Here are my 2
>>> config
>>> lines for the channels (that's about all there is in each config
>>> files)
>>> Client <channel ref="tcp" secure="true"
>>> tokenImpersonationLevel="Impersonation"
>>> protectionLevel="EncryptAndSign"/>
>>> Server :
>>> <channel ref="tcp" DisplayName="LoginServer" secure="true"
>>> port="20000"
>>> impersonate="true" protectionLevel="EncryptAndSign"/>
>>> The exception I get :
>>> "A remote side security requirement was not fulfilled during
>>> authentication.
>>> Try increasing the ProtectionLevel and/or ImpersonationLevel."
>>> I get this exception on the first call after getting the object from
>>> the server... It may be important to note the object is marshaled
>>> from the server, so the server has an instance of the object and did
>>> RemotingServices.Marshal(...) on it. The client gets it using
>>> Activator.GetObject... If I use Identification, it works fine, but
>>> the WindowsPrincipal does not get through the server to another server
>>> (always on the same computer than the original server) containing
>>> other objects returned by the marshaled object... so I must use
>>> Impersonation and maybe Delegation... but for now, if I use anything
>>> else than Identification I get this exception...
>>>
>>> Can anyone help please?
>>>
>>> Thanks
>>>
>>> ThunderMusic
>>>
>>
>>
>
>

"ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message
news:Oai9oNBsGHA.4660@TK2MSFTNGP04.phx.gbl...
> Ok, if I set my channels like this on ServerA and ServerB, it works fine
> between ServerA and ServerB for a simple call (call that does not need
> principals)
>
> <channel ref="tcp" ID="ServerA" secure="true" port="20000"
> tokenImpersonationLevel="Impersonation" impersonate="true"
> protectionLevel="EncryptAndSign"/>
> <channel ref="tcp" ID="ServerB" secure="true" port="20003"
> tokenImpersonationLevel="Impersonation" impersonate="true"
> protectionLevel="EncryptAndSign"/>
>
> my ClientA config file contains this :
> <channel ref="tcp" ID="ClientA" secure="true" port="0"
> tokenImpersonationLevel="Impersonation" impersonate="true"
> protectionLevel="EncryptAndSign"/>
>
> so it works between ServerA and ServerB but not between ClientA and
> ServerA... note : everything is on the same machine...
>
> Thanks
>
> ThunderMusic
>
> "ThunderMusic" <NoSpAmdanlatathotmaildotcom@NoSpAm.com> wrote in message
> news:OB$$A7AsGHA.4884@TK2MSFTNGP04.phx.gbl...
>> thanks for your quick answer...
>>
>> even if I set the tokenImpersonationLevel on server side to
>> impersonation, it always throw me the exception I stated earlier...
>>
>>> This is a strange design decision - but in any case you get a
>>> WindowsIdentity, so you can create a WindowsPrincipal even without
>>> impersonating (which should only be done if you really need to)
>> Actually, it seems I have to, because right now, if I want to get an
>> object from ServerB to clientA using ServerA as an intermediate, the
>> principal sent to the ServerB's Thread.CurrentPrincipal is the ServerA's
>> principal and I need clientA's principal... I find it a bit confusing
>> because ServerA doesn't make any call to the ServerB object, it only
>> passes the reference to ClientA and then ClientA do the call... but I
>> guess the Activator.GetObject(...) sets the Thread.CurrentPrincipal so
>> we're stuck with the ServerA's principal. So that's why I need
>> impersonation and I can't get it to work yet...
>>
>>> WindowsPrincipal p = new
>>> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);
>> I know, I already use this exact line, but it does not work because of
>> the reason I stated above... ServerB receives ServerA Principal instead
>> of ClientA Principal, so it's wrong for what I need.
>>
>> Do you have any solution or at least a link where there could be
>> something useful on the subject? I've read about everythin article on MS
>> site about this and found nothing helpful yet...
>>
>> thanks
>>
>> ThunderMusic
>>
>>
>>
>>
>> "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in
>> message news:4580be6385f68c87e2fbb2f2920@news.microsoft.com...
>>> Hi,
>>> first of all you have to specify the tokenImpersonationLevel also in the
>>> server config (IIRC - Identify is the default).
>>>
>>> It is true that you only get a WindowsPrincipal when impersonate=true.
>>>
>>> This is a strange design decision - but in any case you get a
>>> WindowsIdentity, so you can create a WindowsPrincipal even without
>>> impersonating (which should only be done if you really need to)
>>>
>>> WindowsPrincipal p = new
>>> WindowsPrincipal((WindowsIdentity)Thread.CurrentPrincipal.Identity);
>>>
>>> dominick
>>>
>>>> Hi,
>>>> When I try to use impersonation when remoting I always get an
>>>> exception even
>>>> when the server and client are on the same computer... Here are my 2
>>>> config
>>>> lines for the channels (that's about all there is in each config
>>>> files)
>>>> Client <channel ref="tcp" secure="true"
>>>> tokenImpersonationLevel="Impersonation"
>>>> protectionLevel="EncryptAndSign"/>
>>>> Server :
>>>> <channel ref="tcp" DisplayName="LoginServer" secure="true"
>>>> port="20000"
>>>> impersonate="true" protectionLevel="EncryptAndSign"/>
>>>> The exception I get :
>>>> "A remote side security requirement was not fulfilled during
>>>> authentication.
>>>> Try increasing the ProtectionLevel and/or ImpersonationLevel."
>>>> I get this exception on the first call after getting the object from
>>>> the server... It may be important to note the object is marshaled
>>>> from the server, so the server has an instance of the object and did
>>>> RemotingServices.Marshal(...) on it. The client gets it using
>>>> Activator.GetObject... If I use Identification, it works fine, but
>>>> the WindowsPrincipal does not get through the server to another server
>>>> (always on the same computer than the original server) containing
>>>> other objects returned by the marshaled object... so I must use
>>>> Impersonation and maybe Delegation... but for now, if I use anything
>>>> else than Identification I get this exception...
>>>>
>>>> Can anyone help please?
>>>>
>>>> Thanks
>>>>
>>>> ThunderMusic
>>>>
>>>
>>>
>>
>>
>
>

> Hi,
> When I try to use impersonation when remoting I always get an
> exception even
> when the server and client are on the same computer... Here are my 2
> config
> lines for the channels (that's about all there is in each config
> files)
> Client
> <channel ref="tcp" secure="true"
> tokenImpersonationLevel="Impersonation"
> protectionLevel="EncryptAndSign"/>
> Server :
> <channel ref="tcp" DisplayName="LoginServer" secure="true"
> port="20000"
> impersonate="true" protectionLevel="EncryptAndSign"/>
> The exception I get :
> "A remote side security requirement was not fulfilled during
> authentication.
> Try increasing the ProtectionLevel and/or ImpersonationLevel."
> I get this exception on the first call after getting the object from
> the server... It may be important to note the object is marshaled
> from the server, so the server has an instance of the object and did
> RemotingServices.Marshal(...) on it. The client gets it using
> Activator.GetObject... If I use Identification, it works fine, but
> the WindowsPrincipal does not get through the server to another server
> (always on the same computer than the original server) containing
> other objects returned by the marshaled object... so I must use
> Impersonation and maybe Delegation... but for now, if I use anything
> else than Identification I get this exception...
>
> Can anyone help please?
>
> Thanks
>
> ThunderMusic
>

> Hallo ThunderMusic!
>
>> ok, I found my problem... it was the config file that was not
>> updating in my bin/debug dir... grrr... I hate when I spend time
>> finding a solution when it's a stupid thing like that... does anyone
>> have a trick so it can be done automaticaly?
>>
> Use the PostBuild Event in VS.Net (if you are using VS).
>
> br GO
>

> ok, I found my problem... it was the config file that was not
> updating in my bin/debug dir... grrr... I hate when I spend time
> finding a solution when it's a stupid thing like that... does anyone
> have a trick so it can be done automaticaly?