WCF服务授权模式 [英] WCF Service authorization patterns
问题描述
我实现一个安全的WCF服务。认证是使用用户名/密码或Windows凭据进行。该服务在Windows服务进程托管。现在,我试图找出最好的方式来实现的授权的每个服务操作。
I'm implementing a secure WCF service. Authentication is done using username / password or Windows credentials. The service is hosted in a Windows Service process. Now, I'm trying to find out the best way to implement authorization for each service operation.
例如,请考虑以下方法:
For example, consider the following method:
public EntityInfo GetEntityInfo(string entityId);
正如你可能知道,在WCF中,有一个的OperationContext对象,从中可以获取由调用方/客户端传递的安全凭证。现在,验证的将已经通过在该方法中的第一行被称为时间结束。但是,我们如何实现授权,如果决定取决于输入数据本身? (其权限等都是存储在数据库中)例如,在上述情况下,说'管理'的用户,被允许得到实体的信息,而其他用户不应该被允许...在哪里,我们把授权检查?
As you may know, in WCF, there is an OperationContext object from which you can retrieve the security credentials passed in by the caller/client. Now,authentication would have already finished by the time the first line in the method is called. However, how do we implement authorization if the decision depends on the input data itself? For example, in the above case, say 'admin' users(whose permissions etc are stored in a database), are allowed to get entity info, and other users should not be allowed... where do we put the authorization checks?
假设我们把它的方法,像这样的第一行:
Say we put it in the first line of the method like so:
CheckAccessPermission(PermissionType.GetEntity, user, entityId) //user is pulled from the current OperationContext
现在,有几个问题:
-
难道我们验证ENTITYID(例如检查空/空值等)前的授权检查或内部授权检查?换句话说,如果授权检查应包括在每一个方法,就是一个很好的模式呢?这首先应该发生 - 参数验证或授权
Do we validate the entityId (for example check null / empty value etc) BEFORE the authorization check or INSIDE the authorization check? In other words, if authorization checks should be included in every method, is that a good pattern? Which should happen first - argument validation or authorization?
我们如何单元测试时,授权检查全国各地像这样的地方,我们没有一个的OperationContext在单元测试WCF服务!? (假设我试着直接测试这个服务类实现没有任何的WCF设置的)。
How do we unit test a WCF service when authorization checks are all over the place like this, and we don't have an OperationContext in the unit test!? (Assuming I'm tryin to test this service class implementation directly without any of the WCF setup).
任何想法家伙?
推荐答案
有关问题1,绝对授权第一。没有code(你的控制范围之内)应该执行前的授权,以保持严格的安全性。上述保罗的例子是优秀的。
For question 1, absolutely do authorization first. No code (within your control) should execute before authorization to maintain the tightest security. Paul's example above is excellent.
有关问题2,你可以通过继承您的具体服务实现处理这个问题。使真正的业务逻辑实现的抽象类与抽象的CheckPermissions的方法,你上面提到。然后创建2子,一个WCF使用,和一(非常孤立在非部署的DLL),返回真(或任何你想它在你的单元测试一样)。
For question 2, you could handle this by subclassing your concrete service implementation. Make the true business logic implementation an abstract class with an abstract "CheckPermissions" method as you mention above. Then create 2 subclasses, one for WCF use, and one (very isolated in a non deployed DLL) which returns true (or whatever you'd like it to do in your unit testing).
实施例(注意,这些不应该在相同的文件或即使DLL虽然!):
Example (note, these shouldn't be in the same file or even DLL though!):
public abstract class MyServiceImpl
{
public void MyMethod(string entityId)
{
CheckPermissions(entityId);
//move along...
}
protected abstract bool CheckPermissions(string entityId);
}
public class MyServiceUnitTest
{
private bool CheckPermissions(string entityId)
{
return true;
}
}
public class MyServiceMyAuth
{
private bool CheckPermissions(string entityId)
{
//do some custom authentication
return true;
}
}
那么你的WCF部署使用类MyServiceMyAuth了,你做你的单元测试对其他。
Then your WCF deployment uses the class "MyServiceMyAuth", and you do your unit testing against the other.
这篇关于WCF服务授权模式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
