WCF和存储认证信息 [英] WCF and storing authentication info
问题描述
让我有一些WCF服务。我需要的是存储,以便立即得到这个信息(不从数据存储查询吧)有关身份验证的用户的其他数据。
我想知道的最佳实践来完成它。我假定可以使用以下选择:
Let I have some WCF service. What I need is to store additional data related to the authenticated user in order to get this info immediately (without querying it from data storage). I'd like to know the best practices to accomplish it. I assume the following alternatives could be used:
1)使服务AspnetCompatible和使用表单认证,HttpContext的和高速缓存。至于这个选择,我想知道使用它的缺点。
1) Make the service AspnetCompatible and use Forms authentications, HttpContext and Cache. As regards this alternative, I'd like to know about the disadvantages of using it.
2)使服务每个会话(InstanceContextMode.PerSession)。对我来说,这个选项的主要缺点是,它可能会导致可伸缩性问题。而据我所知basicHttpBinding的不支持每个会话模式(即,它不适合在Silverlight应用程序的情况下)。
2) Make the service per-session (InstanceContextMode.PerSession). As for me, the main disadvantage of this option is that it might cause problems with scalability. And as far as I know basicHttpBinding doesn't support the per session mode(that is, it's not suitable in case of Silverlight apps).
那么,你怎么看待它,你会推荐使用?
So, what do you think about it and what would you recommend to use?
推荐答案
您总是可以得到的用户名是这样的:
You can always get the username like this:
OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name
您甚至可以得到密码,但它更复杂一些。罗里·普里姆罗斯解释在他的文章。
You can even get the password, though it's a bit more complicated. Rory Primrose explains it in his article.
其他什么信息你需要的,什么是让你在内存中存放调用之间?
What other information do you need and what's keeping you from storing it in memory between calls?
编辑:
Scalibity是一个有效的关注,最好我会坚持PerCall实例化。的通话之间共享信息的简单方法是不是从一个非WCF上下文实例之间共享信息的不同 - 即静
Scalibity is a valid concern, ideally I'd stick to PerCall instancing. A simple means of sharing information between calls is not any different from sharing information between instances in a non-WCF context - namely statics.
这篇关于WCF和存储认证信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
