WCF服务安全性进行验证和授权 [英] WCF Service Security for Authentication and Authorization
问题描述
首先,我对我的英语道歉... 正如我在标题中写道,我需要保护我的WCF服务。 我总是用ClientCredentialType =证书用于信息安全模式,检查以这种方式:
First of all I apologize for my english... As I wrote in title I need to secure my WCF Service. I always used message security mode using ClientCredentialType="Certificate", checking in this way:
<serviceCertificate findValue="cn=abc" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName"/>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust"/>
</clientCertificate>
此配置运作良好,但现在我需要不同的权限,以通过身份验证的客户端分配的,我需要换句话说授权。 任何想法? 谢谢, 阿尔贝托
This configuration worked well, but now I need to assign different privileges to the authenticated clients, I need Authorization in other words. Any idea? Thanks, Alberto
推荐答案
听起来你的角色之后。看看这个<一href="http://wcfsecurityguide.$c$cplex.com/Wiki/View.aspx?title=Ch%2005%20-%20Authentication%2C%20Authorization%20and%20Identities%20in%20WCF"相对=nofollow> codePLEX章和的 codePLEX WCF安全准则。它提供了大量的不同的方案细节,我发现它非常有用设立WCF服务时。
Sounds like you're after Roles. Check out this Codeplex Chapter and the Authorization section of the Codeplex WCF Security Guidelines. It provides plenty of details of different scenarios and I found it very useful when setting up WCF services.
这篇关于WCF服务安全性进行验证和授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
