WCF4 REST APIkey 问题 - 将信息从 ServiceAuthorizationManager 传递到服务
我想为我的 WCF4 REST API 实现 API 密钥身份验证解决方案。
我知道我需要创建一个类并从 ServiceAuthorizationManager 派生它并重写 CheckAccessCore 方法。一切我都明白。
但我想要从 CheckAccessCore 执行的操作是将内部信息从 CheckAccessCore 传递到我的 Service 实现类。我在进行 ApiKey 身份验证时查找的诸如“ApiKeyID、权限、标志和其他详细信息”之类的信息。
这样我的服务在内部调用域逻辑时就可以使用内部 ApiKeyID。
我见过很多不同的方法来做到这一点,比如
operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = p;
或
System.Threading.Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
以及其他方式......
I want to implement an API key authentication solution for my WCF4 REST API.
I know that I need to make a class and derive it from ServiceAuthorizationManager and override the CheckAccessCore method. All that I understand.
But what I want to do from the CheckAccessCore pass internal information from the CheckAccessCore to my Service implementation classes. Information like "ApiKeyID, rights, flags and other details" that I looked up when doing the ApiKey authentication.
So that my services internally can use the internal ApiKeyID when it calls the domain logic.
I have seen many different ways of doing this, like
operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = p;
or
System.Threading.Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
and other ways....
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
传递对象的另一种方法是将对象添加到 RequestMessage 对象的 Properties Collection 中。
Another way you can pass along objects is by adding the object to the Properties Collection of the RequestMessage object.