使用拦截器进行WCF参数验证 [英] WCF Parameter Validation with Interceptor

问题描述

我有一个WCF服务，其操作都需要MyServiceRequest参数(或派生类型) 并返回MyServiceResponse(或衍生的类型)，即:

I have a WCF service with operations that all require MyServiceRequest parameter (or derived type) and returns MyServiceResponse (or dervived type), i.e.:

    [OperationContract]
    MySeviceResponse FindAppointments(FindAppointmentRequest request);

    [OperationContract]
    MyServiceResponse MakeAnAppointment(MakeAnAppointmentRequest request);

    [OperationContract]
    MyServiceResponse RegisterResource(RegisterResourceRequest request);

FindAppointmentRequest，MakeAnAppointmentRequest和RegisterResourceRequest扩展了MyServiceRequest，其中包含属性UserName和UserPassword.

FindAppointmentRequest, MakeAnAppointmentRequest and RegisterResourceRequest extends MyServiceRequest which contains properties UserName and UserPassword.

如果请求中的UserName/UserPassword对不正确，则此方法均无法正确执行.

None of this method executes properly should there be wrong UserName/UserPassword pair in Request.

我想创建一个拦截器，它不仅检查给定的UserName/UserPassword对是否正确(使用IParameterInspector非常简单)，而且还返回扩展MyServiceResponse的ErrorRespone类型的客户端对象.

I want to create an interceptor which not only checks if given UserName/UserPassword pair is correct (which is pretty simple with IParameterInspector) but also returns to the client object of type ErrorRespone that extends MyServiceResponse.

IParameterInspector可以阻止服务执行请求的方法并立即返回ErrorResponse吗?

推荐答案

IParameterInspector可以通过引发异常来阻止执行操作.这是一个例子.

IParameterInspector can prevent operation from executing by throwing an exception. Here's an example.

定义自定义故障合同:

public class DataAccessFaultContract
{
    public string ErrorMessage { get; set; }
}

然后是检查员:

public class InspectorAttribute : Attribute, IParameterInspector, IOperationBehavior
{
    public void AfterCall(string operationName, object[] outputs, object returnValue, object correlationState)
    {

    }

    public object BeforeCall(string operationName, object[] inputs)
    {
        MyServiceRequest request = null;
        if (inputs != null && inputs.Length > 0)
        {
            request = inputs[0] as MyServiceRequest;
        }

        if (request != null && request.Username != "user" && request.Password != "secret")
        {
            var fc = new DataAccessFaultContract{ ErrorMessage = "Invalid user" };
            throw new FaultException<DataAccessFaultContract>(fc);
        }
        return null;
    }

    public void AddBindingParameters(OperationDescription operationDescription, BindingParameterCollection bindingParameters)
    {
    }

    public void ApplyClientBehavior(OperationDescription operationDescription, ClientOperation clientOperation)
    {
    }

    public void ApplyDispatchBehavior(OperationDescription operationDescription, DispatchOperation dispatchOperation)
    {
        dispatchOperation.ParameterInspectors.Add(this);
    }

    public void Validate(OperationDescription operationDescription)
    {
    }
}

最后用适当的属性修饰您的操作:

And finally decorate your operation with appropriate attributes:

[ServiceContract]
public interface IMyServiceContract
{
    [Inspector]
    [FaultContract(typeof(DataAccessFaultContract))]
    [OperationContract]
    MySeviceResponse FindAppointments(FindAppointmentRequest request);

    ...
}

调用服务时，客户端可以检查是否有FaultException:

When invoking the service, the client could check for FaultException:

try
{
    var response = client.FindAppointments(request);
}
catch (FaultException<DataAccessFaultContract> ex)
{
    string errorMessage = ex.Detail.ErrorMessage;
    // ...
}

这篇关于使用拦截器进行WCF参数验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！