WCF、ASP.NET 兼容模式和使用成员资格提供程序的自定义身份验证
我需要以下方面的帮助:)
首先,我处理具有 WinForms 客户端和服务器的大型应用程序。在我们的例子中,服务器是一组 WCF 服务。有一项服务负责用户身份验证。身份验证的逻辑是自定义且复杂的,并且身份验证服务使用不同的成员资格提供商。
我们希望保护未经身份验证的用户对服务器服务的访问。用户必须首先进行身份验证,然后才能使用其他服务(本例中的用户是其他系统、服务、WinForms 客户端等)。在此基础上,我们决定使用 ASP.NET Url/File Authorization 功能。
因此,我设置了 ASP.NET 兼容模式,在所有绑定配置中允许 cookie,向我们的服务添加了 AspNetCompatibilityRequirements 属性,并向 config 添加了以下配置:
<authentication mode="Forms">
<forms cookieless="UseCookies">
<credentials passwordFormat="Clear" />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
...
<location path="AuthenticationService.svc">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
在我们的身份验证服务的authenticate 方法中,我添加了以下代码:
public AuthenticationResult AuthenticateUser(string username, string password)
{
AuthenticationResult result = new AuthenticationResult();
result = Authenticate(username, password);
if (result.IsAuthenticated)
FormsAuthentication.SetAuthCookie(username, true);
return result;
}
接下来,我编写了以下代码:
var authClient = new AuthenticationServiceClient();
var result = authClient.AuthenticateUser("user", "password");
var otherClient = new OtherServiceClient();
var temp = otherClient.DoSomething();
但是经过身份验证后,我无法访问 OtherServiceClient...
那么,如何在 WCF 服务调用之间共享调用上下文?有人可以提供一些关于这个问题的有用文章吗?
提前致谢! 此致。
I need help in following:)
To begin with I work on the large application, that has a WinForms client and server. Server in our case is the set of WCF services. There is one service that is responsible for authentication of users. The logic of authentication is custom and complex and authentication service uses different membership providers.
We want to protect the access to server services for non-authenticated users. The users must firstly authenticate and than use other services (users in this case are the other systems, services, WinForms client, etc.). On this basis, we decided to use the ASP.NET Url/File Authorization feature.
So, I set on the ASP.NET compatibility mode, allowed cookie in all binding configurations, added AspNetCompatibilityRequirements attribute to our services and added the followingconfigurations to config:
<authentication mode="Forms">
<forms cookieless="UseCookies">
<credentials passwordFormat="Clear" />
</forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
...
<location path="AuthenticationService.svc">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
In the authenticate method of our authentication service I add the following code:
public AuthenticationResult AuthenticateUser(string username, string password)
{
AuthenticationResult result = new AuthenticationResult();
result = Authenticate(username, password);
if (result.IsAuthenticated)
FormsAuthentication.SetAuthCookie(username, true);
return result;
}
Next, I wrote the following code:
var authClient = new AuthenticationServiceClient();
var result = authClient.AuthenticateUser("user", "password");
var otherClient = new OtherServiceClient();
var temp = otherClient.DoSomething();
But after authentication I can't access to OtherServiceClient...
So, how can I share the call context between the WCF services calls? Could anybody provide some useful articles about this question?
Thanks in advance!
Best regards.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要:
1) 在 WCF 中启用会话
2) 使用 WCF 进行身份验证
3) 继续重用您的代理而不是创建新代理。
这很有用:
http://msdn.microsoft.com/en-us/library/ms733040.aspx
You need to:
1) Enable sessions in WCF
2) Authenticate using WCF
3) Keep reusing your proxies instead of creating new ones.
This is useful:
http://msdn.microsoft.com/en-us/library/ms733040.aspx