stackoom
  简体   繁体   中英

How to tie ASP.NET permissions to WCF service

 原文  2011-01-27 18:02:15       c#/ wcf/ asp.net-membership

Question

I am creating a large ASP.NET 4 site which has a WCF service backend. I would like for the site to use the service for login and authorization.

Basically when the user gets to the login page, instead of using a membership provider I want the WCF service to be used as authentication mechanism.

The WCF service already uses Authentication and Authorization (with impersonation), so that clients of the service receive errors if they try to execute service methods they do not have permissions to.

The question is how do I tie this in with the ASP.NET site?

Here is some sample code that I am using:

Web Service Interface: 

[ServiceContract]
public interface IService
{
    [OperationContract]
    bool Foo();

    [OperationContract]
    void Bar();
}

Web Service: 

public class BackEndService : IService
{
    [PrincipalPermission(SecurityAction.Demand, Role="FooRole")]
    public bool Foo()
    {
        return false;
    }

    [PrincipalPermission(SecurityAction.Demand, Role="Bar")]
    public void Bar()
    {
        //...
    }
}

On the client: 

public class LoginPage : Page
{
    public void LoginButton_Clicked(object sender, EventArgs e)
    {
        string username = TxtUsername.Value;
        string password = TxtPassword.Value;

        BackEndService client = new BackEndService();
        client.CleintCredentials.Username = username;
        client.ClientCredentials.Password = password;

        client.Foo(); //if the credentials supplied do not have permissions there will be error
        client.Bar();
    }
}

What I am aiming to achieve is to have some of the UI element's functionality flagged with the PrincipalPermission attribute so that the user doesn't have to make the trip to the service to discover that they do not have permissions.

Moreover, I'd like to have some of the UI elements being loaded/unloaded based on the user's permissions.

Is it possible, or do I have to bake some logic into my service to return whichever UI modules the user can see? Is it possible the permissions to be handled through the service as though it is a Membership provider as it is the case with using PrincipalPermissionAttribute on UI element's code behind?

Thanks, 

<bleepzter/>

1 answers

solution1
 1 ACCPTED  2011-01-27 18:35:57

If you want to use ASP.NET Membership, You'll need to write your own Membership Provider to authenticate against your WCF service. You may need to add an operation to your WCF service to return a list of the roles the user belongs to. Then you can use the Membership class to determine if a user is a particular role, and hide/show UI elements as necessary.

See http://msdn.microsoft.com/en-us/library/f1kyba5e.aspx for more information about creating a membership provider.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to invoke WCF RESTful Service in Windows Service in asp.net? How to inject WCF service client in ASP.Net core? how to connect localhost wcf service with asp.net 4.0 How to pass values through a WCF Service in a ASP.NET Website Consuming WCF Service in ASP.NET, how to cache? ASP.NET Membership Authentication in WCF service Creating a ASP.NET web service, not WCF Why ASP.NET restarting WCF service? ASP.NET Core MVC with WCF Service Access WCF service through ASP.NET
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM