使用 WCF ServiceHost 或 Endpoint 进行表单身份验证
我正在为 ASP.NET 站点编写 WCF 服务。我想保护我的 service.svc 文件,使其无法被访问。因此,我将其放在表单受保护的文件夹中,如下所示:
http://www.myweb.com/admin/myservice.svc
我尝试使用 AuthenticationService,但接触点太多,并且它不适用于表单身份验证。
还有更好的选择吗?是否有一种方法可以对 Binding 或 ServiceHost 进行子类化以执行身份验证并将 AuthenticationTicket 通过线路发送回客户端?有趣的是,我正在使用 wsHttpsContext,它无需任何工作就能神奇地跟踪会话。它应该没有理由无法跟踪身份验证。
顺便说一句,我真的很惊讶微软没有针对这个问题提出合适的解决方案。这是有关 WCF 的最常见问题之一。
I'm writing a WCF service for an ASP.NET site. I would like to protect my service.svc file so that it cannot be accessed. As a result, I am putting it in a Forms protected folder, like so:
http://www.myweb.com/admin/myservice.svc
I've tried using AuthenticationService, but there are too many touch points and it doesn't work with forms authentication.
Are there any better alternatives? Could there be a way to subclass the Binding or ServiceHost to perform the authentication and send an AuthenticationTicket back down the wire to the client? Interestingly, I'm using wsHttpsContext and it magically keeps track of the session without any work. There should be no reason it can't keep track of the authentication.
As an aside, I'm really surprised that Microsoft hasn't put out a suitable solution to this problem. This is one of the most common questions about WCF.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论