使用自定义 UserNamePasswordValidator,我可以杀死用户的 WPF“会话"吗? [英] With custom UserNamePasswordValidator, can I kill the user's WPF "session"?
问题描述
我正在使用自定义 UserNamePasswordValidator,它会实例化并登录到我们的内部 API.
I'm using a custom UserNamePasswordValidator, which instantiates and logs in to our internal API.
此 API 公开了一个在用户被踢"(被另一个管理用户)时触发的事件,我想通过终止 WCF 会话来对此做出响应,以便进一步调用引发异常.
This API exposes an event that's fired when the user is "kicked" (by another administrative user), and I'd like to respond to this by killing the WCF session, so that further calls throw an exception.
我该怎么做?
我的 WCF 服务托管在 Windows 服务(不是 IIS)中.实例化并登录到内部 API 需要相当长的时间,所以我无法在每次服务调用时都这样做.
My WCF service is hosted in a Windows service (not IIS). Instantiating and logging in to the internal API takes quite a long time, so I can't do it on every service call.
推荐答案
我在 http://www.neovolve.com/post/2008/04/07/wcf-security-getting-the-password-of-the-user.aspx 显示了如何使用自定义 ServiceCredentials 类,并从那里将用户的详细信息一直传递到 Thread.CurrentPrinciple.
I found some code at http://www.neovolve.com/post/2008/04/07/wcf-security-getting-the-password-of-the-user.aspx that shows how to use a custom ServiceCredentials class and, from there, passing the user's details all the way through to Thread.CurrentPrinciple.
从该代码开始,我将 Connection 对象存储在自定义主体对象中,这意味着我可以在会话上下文中访问它.然后,我添加了一个自定义 CodeAccessSecurityAttribute 来检查该连接对象以查看它是否已断开连接.如果是,则会抛出异常,从而终止用户的会话.
Starting from that code, I've stashed the Connection object in a custom principal object, which means that I can get to it in a session context. Then, I added a custom CodeAccessSecurityAttribute that checks that connection object to see if it's been disconnected. If it has, an exception is thrown, which kills the user's session.
这篇关于使用自定义 UserNamePasswordValidator,我可以杀死用户的 WPF“会话"吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
