11

我正在使用 ASP.Net Web API 2 / .Net 4.5.2。

在排队后台工作项时,我试图保留调用主体。为此,我试图:

Thread.CurrentPrincipal = callingPrincipal;

但是当我这样做时,我得到一个 ObjectDisposedException:

System.ObjectDisposedException:安全句柄已关闭

如何将当前主体保留在后台工作项中?
我可以以某种方式复制校长吗?

public void Run<T>(Action<T> action)
{
    _logger.Debug("Queueing background work item");
    var callingPrincipal = Thread.CurrentPrincipal;
    HostingEnvironment.QueueBackgroundWorkItem(token =>
    {
        try
        {
            // UNCOMMENT - THROWS EXCEPTION
            // Thread.CurrentPrincipal = callingPrincipal;
            _logger.Debug("Executing queued background work item");
            using (var scope = DependencyResolver.BeginLifetimeScope())
            {
                var service = scope.Resolve<T>();
                action(service);
            }
        }
        catch (Exception ex)
        {
            _logger.Fatal(ex);
        }
        finally
        {
            _logger.Debug("Completed queued background work item");
        }
    });
}
4

2 回答 2

8

原来ClaimsPrincipal现在有一个复制构造函数。 

var principal = new ClaimsPrincipal(Thread.CurrentPrincipal);

这似乎可以解决问题,同时保留所有身份和声明信息。完整的功能如下:

public void Run<T>(Action<T> action)
{
    _logger.Debug("Queueing background work item");
    var principal = new ClaimsPrincipal(Thread.CurrentPrincipal);

    HostingEnvironment.QueueBackgroundWorkItem(token =>
    {
        try
        {
            Thread.CurrentPrincipal = principal;
            _logger.Debug("Executing queued background work item");
            using (var scope = DependencyResolver.BeginLifetimeScope())
            {
                var service = scope.Resolve<T>();
                action(service);
            }
        }
        catch (Exception ex)
        {
            _logger.Fatal(ex);
        }
        finally
        {
            _logger.Debug("Completed queued background work item");
        }
    });
}
于 2016-02-17T16:48:07.387 回答
0

您的情况的问题是后台任务在Thread.CurrentPrincipal处理后执行。发生这种情况是因为 ASP.NET 模型 - 请求在用户上下文中处理,之后与用户对应的所有值都被释放。所以这恰好发生在你的身份上。尝试保存有关用户及其身份的信息,以便以后模拟它。

您可以查看Microsoft 的支持文章以模拟 ASP.NET 站点中的操作,但我认为这对您没有帮助: 

System.Security.Principal.WindowsImpersonationContext impersonationContext;
impersonationContext = 
    ((System.Security.Principal.WindowsIdentity)callingPrincipal.Identity).Impersonate();

//Insert your code that runs under the security context of the authenticating user here.

impersonationContext.Undo();

或者,您可以使用 User.Token,如下所示:

HostingEnvironment.QueueBackgroundWorkItem(token =>
{
    try
    {
        _logger.Debug("Executing queued background work item");
        using (HostingEnvironment.Impersonate(callingPrincipal.Identity))
        {
            using (var scope = DependencyResolver.BeginLifetimeScope())
            {
                var service = scope.Resolve<T>();
                action(service);
            }
        }
        // UNCOMMENT - THROWS EXCEPTION
        // Thread.CurrentPrincipal = callingPrincipal;
    }
    catch (Exception ex)
    {
        _logger.Fatal(ex);
    }
    finally
    {
        _logger.Debug("Completed queued background work item");
    }
});

我建议您审查您的架构设计,以便找到一种方法将后台操作移至其他上下文,在该上下文中用户身份将保持更长时间。例如,其他方式是使用将电流传递OperationContextTask

// store local operation context
var operationContext = OperationContext.Current;
TaskFactory.StartNew(() =>
{
    // initialize the current operation context
    OperationContext.Current = operationContext;
    action();
})
于 2016-02-17T15:24:27.760 回答