WCF 的表单身份验证 [英] Forms Authentication for WCF
问题描述
如何使用 FormsAuthentication 概念保护我简单的 WCF 服务?
How to secure my simple WCF service using FormsAuthentication concept ?
ServiceContract 看起来像这样:
[ServiceContract]
public interface MovieDb
{
[OperationContract]
string GetData(int value);
[OperationContract]
string Login(int value);
[OperationContract]
string Logout(int value);
}
我在我的 MVC 4 应用程序中使用了 FormsAuthentication 进行身份验证和授权.
I have used FormsAuthentication in my MVC 4 Application for authentication and authorization.
我能想到的就是在 ServiceContract 类的顶部添加 Authorize 过滤器属性.
All I could think of is like adding Authorize Filter attribute at the top of the ServiceContract class.
非常感谢任何简单术语的指针.谢谢.
Any pointers in Simple terms in much appreciated. Thanks.
推荐答案
您可以使用用户名/密码(表单身份验证)保护您的 WCF:
You can secure your WCF using username/password(Forms Authentication):
如果您决定在服务器端的 WFC 配置中使用成员身份进行身份验证,则添加配置成员身份的行为:
If you decide to use membership for Authentication in WFC configuration on server side you add a behavior configuring the Membership:
<behavior name="myBehavior">
<serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="myRoleProvider"/>
<serviceCredentials>
<serviceCertificate findValue="*.mycert.net" storeLocation="LocalMachine" x509FindType="FindBySubjectName"/>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="myMembershipProvidewr"/>
</serviceCredentials>
</behavior>
您的 WCF 可以像验证一样简单
Your WCF can be validate as simple as
[PrincipalPermission(SecurityAction.Demand, Role = "My Role")]
public bool GetSomething(string param1)
{
...
您可以在此处找到更多信息:http://msdn.microsoft.com/en-us/library/ff650067.aspx
You can find additional information here: http://msdn.microsoft.com/en-us/library/ff650067.aspx
这篇关于WCF 的表单身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
