UnsafeAuthenticatedConnectionSharing Property
For the latest version of Commerce Server 2007 Help, see the Microsoft Web site.
Gets or sets a value indicating whether the ServiceAgent should allow pooling of connection objects with user credentials set.
Namespace: Microsoft.CommerceServer
Assembly: Microsoft.CommerceServer.CrossTierTypes (in Microsoft.CommerceServer.CrossTierTypes.dll)
Syntax
'Declaration
Public Property UnsafeAuthenticatedConnectionSharing As Boolean
'Usage
Dim instance As ServiceAgent
Dim value As Boolean
value = instance.UnsafeAuthenticatedConnectionSharing
instance.UnsafeAuthenticatedConnectionSharing = value
public bool UnsafeAuthenticatedConnectionSharing { get; set; }
public:
property bool UnsafeAuthenticatedConnectionSharing {
bool get ();
void set (bool value);
}
public function get UnsafeAuthenticatedConnectionSharing () : boolean
public function set UnsafeAuthenticatedConnectionSharing (value : boolean)
Property Value
Type: System..::.Boolean
A value indicating whether the ServiceAgent should allow pooling of connection objects with user credentials set.
Remarks
From a security perspective, it is important to note that the ServiceAgent sets the UnsafeAuthenticatedConnectionSharing property of the new proxy to true by default. This can be unsafe from a security perspective if the ServiceAgent is used in an environment where more than one security context is using ServiceAgent objects to connect to Web services from within the same process and using different credentials. The typical example is when the agent is invoked from an ASP.NET Web application or Web service and impersonation is being used in the Web application. In this case, you should disable UnsafeAuthenticatedConnectionSharing by setting the UnsafeAuthenticatedConnectionSharing property to false. When only one user account within a process is using a ServiceAgent object to talk to a Web service, it is not a security risk to leave the UnsafeAuthenticatedConnectionSharing property set to its default value of true. Disabling UnsafeAuthenticatedConnectionSharing can have significant negative performance implications since each message to the Web service will need to be on a separately authenticated connection, greatly increasing network traffic and latency of method calls.
Permissions
- Full trust for the immediate caller. This member cannot be used by partially trusted code. For more information, see Using Libraries from Partially Trusted Code.