如何将对 WCF 数据服务的访问限制为特定用户帐户?
我读了太多的博客文章和文章,以至于我的眼睛变得模糊。我还没有找到我需要的东西(或者我只是不明白我在做什么,这很可能)。
我们有一个 WCF 数据服务,我们想要限制对其的访问。我们希望将 Web 客户端放入应用程序池中,然后只有应用程序池帐户才能使用 WCF 数据服务。
如果有人直接从浏览器或其他应用程序访问 WCF 服务,他们应该无法访问数据。
我该如何设置?我尝试过模仿,但似乎无法使其发挥作用。
确保 WFC 数据服务的安全似乎太困难了,但也许我只是没有正确地看待它。任何帮助将不胜感激。谢谢。
I've read so many blog posts and articles that my eyes are getting blurry. I haven't yet found what I need (or I just don't understand what I'm doing, which is most likely).
We have a WCF data service that we want to restrict access to. We want to put the web client in an app pool, and then only the app pool account should be able to use the WCF data service.
If someone hits the WCF service directly from a browser, or from another application, they should not be able to access the data.
How do I set this up? I tried impersonation, but I couldn't seem to get that to work.
Securing WFC data services seems way too difficult, but maybe I am just not looking at it correctly. Any help would be appreciated. Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
考虑阅读以下内容;
http://msdn.microsoft.com/en-us/library/dd728284.aspx
我会考虑类似下面的代码。 OnStartProcessingRequest 在每次调用 WCF 数据服务时发生;
我确信还会有其他方法来做到这一点。如果它托管在 IIS 中,我猜它可能会像任何其他 ASP.NET Web 应用程序一样受到限制,但我并没有真正研究过它。
Consider having a read of the following;
http://msdn.microsoft.com/en-us/library/dd728284.aspx
I would consider something like the following code. OnStartProcessingRequest occurs on every call to WCF Data Services;
I'm sure there will be other methods to do this as well. If it's hosted in IIS I would guess it could be restricted the same as any other asp.net web application, but I haven't really looked at it much.