自定义 UserNamePasswordValidator 可以向 WCF 会话添加内容吗? [英] Can a custom UserNamePasswordValidator add things to the WCF session?
问题描述
关于这个问题,我正在我的自定义 UserNamePasswordValidator 中实例化到我们内部 API 的连接.我可以把它藏在某个地方,以便我可以在该用户会话的未来调用中使用它吗?
Related to this question, I'm instantiating a connection to our internal API inside my custom UserNamePasswordValidator. Can I stash this somewhere so that I can use it in future calls in that user's session?
这类似于这个问题,但我'没有使用 IIS,所以我不能使用 HttpContext.Current(或者我可以吗?).
This is similar to this question, but I'm not using IIS, so I can't use HttpContext.Current (or can I?).
更新:一些上下文:我们的内部 API 通过 COM 对象公开,该对象公开了一个 Login
方法.我的服务接口中没有 Login
方法,而是有一个自定义 UserNamePasswordValidator
,它调用 COM 对象上的 Login 方法.
Update: Some context: our internal API is exposed via a COM object, which exposes a Login
method. Rather than have a Login
method in my service interface, I've got a custom UserNamePasswordValidator
, which calls the Login method on the COM object.
因为实例化 COM 对象和登录成本很高,所以我想在我的服务方法中重新使用现在登录的 COM 对象.
Because instantiating the COM object and logging in is expensive, I'd like to re-use the now-logged-in COM object in my service methods.
推荐答案
是的,可以.你需要:
- 返回自定义
SecurityTokenManager
的自定义ServiceCredentials
实现. - 返回自定义
CustomUserNameSecurityTokenAuthenticator
的自定义SecurityTokenManager
实现. - 您的自定义
CustomUserNameSecurityTokenAuthenticator
需要覆盖ValidateUserNamePasswordCore
,并且应该添加IAuthorizationPolicy
的自定义实现. - 您对
IAuthorizationPolicy
的实现应该实现Evaluate
,此时它可以开始将内容放入 WCF 上下文中. - 将
evaluationContext["PrimaryIdentity"]
值替换为PasswordIdentity
或自定义IIdentity
. - 将
evaluationContext["Principal"]
值替换为PasswordPrincipal
或自定义IPrincipal
. - 更新
evaluationContext["Identities"]
集合,用您的自定义实例替换GenericIdentity
实例.
- a custom
ServiceCredentials
implementation that returns a customSecurityTokenManager
. - a custom
SecurityTokenManager
implementation that returns a customCustomUserNameSecurityTokenAuthenticator
. - your custom
CustomUserNameSecurityTokenAuthenticator
needs to overrideValidateUserNamePasswordCore
, and should add a custom implementation ofIAuthorizationPolicy
. - your implementation of
IAuthorizationPolicy
should implementEvaluate
, at which point it can start putting things in the WCF context. - replace the
evaluationContext["PrimaryIdentity"]
value with aPasswordIdentity
or a customIIdentity
. - replace the
evaluationContext["Principal"]
value with aPasswordPrincipal
or a customIPrincipal
. - update the
evaluationContext["Identities"]
collection to replace theGenericIdentity
instance with your custom instance.
通过这样做,您可以拥有一个包含一些额外信息的自定义 IPrincipal
实现.
By doing this, you can have a custom IPrincipal
implementation with some extra information in it.
更多详情,请参见这个.
这篇关于自定义 UserNamePasswordValidator 可以向 WCF 会话添加内容吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!