如何将 ASP.NET 权限绑定到 WCF 服务

发布于 2024-10-14 18:43:49 字数 1552 浏览 2 评论 0原文

我正在创建一个具有 WCF 服务后端的大型 ASP.NET 4 站点。我希望该网站使用该服务进行登录和授权。

基本上，当用户进入登录页面时，我希望将 WCF 服务用作身份验证机制，而不是使用会员资格提供程序。

WCF 服务已使用身份验证和授权（通过模拟），因此，如果服务的客户端尝试执行他们无权执行的服务方法，则会收到错误。

问题是如何将其与 ASP.NET 站点结合起来？

以下是我正在使用的一些示例代码：

Web 服务接口：

[ServiceContract]
public interface IService
{
    [OperationContract]
    bool Foo();

    [OperationContract]
    void Bar();
}

Web 服务：

public class BackEndService : IService
{
    [PrincipalPermission(SecurityAction.Demand, Role="FooRole")]
    public bool Foo()
    {
        return false;
    }

    [PrincipalPermission(SecurityAction.Demand, Role="Bar")]
    public void Bar()
    {
        //...
    }
}

在客户端：

public class LoginPage : Page
{
    public void LoginButton_Clicked(object sender, EventArgs e)
    {
        string username = TxtUsername.Value;
        string password = TxtPassword.Value;

        BackEndService client = new BackEndService();
        client.CleintCredentials.Username = username;
        client.ClientCredentials.Password = password;

        client.Foo(); //if the credentials supplied do not have permissions there will be error
        client.Bar();
    }
}

我的目标是使用 PrimaryPermission 属性标记一些 UI 元素的功能，以便用户不必前往该服务发现他们没有权限。

此外，我希望根据用户的权限加载/卸载一些 UI 元素。

是否有可能，或者我是否必须在我的服务中加入一些逻辑才能返回用户可以看到的任何 UI 模块？是否可以通过服务处理权限，就好像它是会员提供程序一样，就像在 UI 元素的代码后面使用 PrimaryPermissionAttribute 的情况一样？

谢谢，

<bleepzter/>

原文

I am creating a large ASP.NET 4 site which has a WCF service backend. I would like for the site to use the service for login and authorization.

Basically when the user gets to the login page, instead of using a membership provider I want the WCF service to be used as authentication mechanism.

The WCF service already uses Authentication and Authorization (with impersonation), so that clients of the service receive errors if they try to execute service methods they do not have permissions to.

The question is how do I tie this in with the ASP.NET site?

Here is some sample code that I am using:

Web Service Interface:

[ServiceContract]
public interface IService
{
    [OperationContract]
    bool Foo();

    [OperationContract]
    void Bar();
}

Web Service:

public class BackEndService : IService
{
    [PrincipalPermission(SecurityAction.Demand, Role="FooRole")]
    public bool Foo()
    {
        return false;
    }

    [PrincipalPermission(SecurityAction.Demand, Role="Bar")]
    public void Bar()
    {
        //...
    }
}

On the client:

public class LoginPage : Page
{
    public void LoginButton_Clicked(object sender, EventArgs e)
    {
        string username = TxtUsername.Value;
        string password = TxtPassword.Value;

        BackEndService client = new BackEndService();
        client.CleintCredentials.Username = username;
        client.ClientCredentials.Password = password;

        client.Foo(); //if the credentials supplied do not have permissions there will be error
        client.Bar();
    }
}

What I am aiming to achieve is to have some of the UI element's functionality flagged with the PrincipalPermission attribute so that the user doesn't have to make the trip to the service to discover that they do not have permissions.

Moreover, I'd like to have some of the UI elements being loaded/unloaded based on the user's permissions.

Is it possible, or do I have to bake some logic into my service to return whichever UI modules the user can see? Is it possible the permissions to be handled through the service as though it is a Membership provider as it is the case with using PrincipalPermissionAttribute on UI element's code behind?

Thanks,