如何保护我的简单 WCF
服务中使用 FormsAuthentication
概念?
How to secure my simple WCF
service using FormsAuthentication
concept ?
在的ServiceContract
类似于此:
[ServiceContract]
public interface MovieDb
{
[OperationContract]
string GetData(int value);
[OperationContract]
string Login(int value);
[OperationContract]
string Logout(int value);
}
我在MVC 4应用程序进行身份验证和授权使用 FormsAuthentication
。
所有我能想到的是,如添加授权
Filter属性在的ServiceContract
类的顶部。
All I could think of is like adding Authorize
Filter attribute at the top of the ServiceContract
class.
任何指针简单来说,在很多AP preciated。谢谢你。
Any pointers in Simple terms in much appreciated. Thanks.
您可以使用用户名/密码(Forms身份验证)保护您的WCF:
You can secure your WCF using username/password(Forms Authentication):
信息安全与用户名客户端
如果您决定使用会员的身份验证在服务器端配置WFC添加行为配置成员:
If you decide to use membership for Authentication in WFC configuration on server side you add a behavior configuring the Membership:
<behavior name="myBehavior">
<serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="myRoleProvider"/>
<serviceCredentials>
<serviceCertificate findValue="*.mycert.net" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="myMembershipProvidewr"/>
</serviceCredentials>
</behavior>
您WCF能够验证这么简单
Your WCF can be validate as simple as
[PrincipalPermission(SecurityAction.Demand, Role = "My Role")]
public bool GetSomething(string param1)
{
...
您可以在这里找到更多的信息: http://msdn.microsoft.com/en-us/library/ff650067.aspx
You can find additional information here: http://msdn.microsoft.com/en-us/library/ff650067.aspx
上一篇:的HttpContext中不工作的global.asax.cs中不、工作、HttpContext、cs
下一篇:保存捆绑与Android复杂的preferences(JSON)复杂、Android、JSON、preferences