WCF是否有MVC的[授权]属性的相同呢? [英] Does WCF have an equivalent of MVC's [Authorize] attribute?
问题描述
我想装饰的某些业务合同与属性授权主叫方定制逻辑,是这样的:
I want to decorate certain Operation Contracts with an attribute to authorize the caller by custom logic, something like this:
[ServiceBehavior]
public class Service1
{
[OperationContract]
[Authorize] // ?? this should make sure only admins can call this method
public List<SampleItem> GetCollection()
{
return new List<SampleItem>() { new SampleItem("Only Admins see me") };
}
}
在[授权]应该检查是否调用者有权调用此操作;如果没有 - 它应该返回一个错误的故障
The [Authorize] should check if the caller is entitled to call this operation; if not - it should return an error fault.
感谢。
推荐答案
不开箱 - 但WCF顶级大师Juval洛伊有一个非常有趣的文章在MSDN杂志有关的Declarative WCF安全的它出现在同一方向上。
Not out of the box - but WCF top-guru Juval Löwy had a very interesting article in MSDN Magazine about Declarative WCF Security which goes in the same direction.
Juval确定了几个关键的安全方案,并包裹他们每个人分成一个WCF服务行为,在服务器端对服务类的属性被应用。相当有趣的阅读哉!
Juval identified several key security scenarios, and wrapped each of them up into a WCF service behavior to be applied as an attribute on your service class on the server side. Quite an interesting read indeed !
这篇关于WCF是否有MVC的[授权]属性的相同呢?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!