惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
N
News and Events Feed by Topic
P
Privacy International News Feed
The Hacker News
The Hacker News
Schneier on Security
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Security Latest
Security Latest
L
LINUX DO - 最新话题
阮一峰的网络日志
阮一峰的网络日志
Cisco Talos Blog
Cisco Talos Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 【当耐特】
博客园 - Franky
P
Privacy & Cybersecurity Law Blog
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
月光博客
月光博客
D
Docker
Webroot Blog
Webroot Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
W
WeLiveSecurity
S
Security Affairs
Martin Fowler
Martin Fowler
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Archives - TechRepublic
Security Archives - TechRepublic
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
B
Blog
L
Lohrmann on Cybersecurity
T
Threatpost
量子位
S
Schneier on Security
V
Visual Studio Blog
S
Securelist
T
The Exploit Database - CXSecurity.com
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
I
Intezer
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 聂微东
小众软件
小众软件
罗磊的独立博客
雷峰网
雷峰网
Recorded Future
Recorded Future

博客园 - Pootow

测试帖 【公告】即日起,本博客关闭。 what about a calendar? WPF is dead, Will HTML5+JS be the future of Desktop? What about .NET? Web browser War II? 推荐一篇文章 Undocumented TransactionScope 架构方面对拟真测试的支持 With great power comes great responsibility AMD CPU 喝茶 Google和百度 Google event 《设计模式》与《国富论》 Life's too short for the wrong job! 个人价值的关键是对业务的理解和架构能力 摘自CPyUG 团队的构成和效率 体检,脂肪肝 貌似昨天忘记志一下了。那今天就志一下关于培训。
Using custom security in WCF
Pootow · 2010-03-11 · via 博客园 - Pootow

http://groups.google.co.uk/group/microsoft.public.windows.developer.winfx.indigo/browse_thread/thread/5b4d8a5790e76feb/4040905d321cce17

Here are some things to get you started on creating your own custom WCF security model:

You are going to need to create your own Identity and Principal objects to
handle the data you want within context.  Inheriting from
System.Security.Principal.IIdentity and System.Security.Principal.IPrincipal
is a good idea.

Also, to validate usernames and passwords you'll need to create your own
custom username and password validator by inheriting from
System.IdentityModel.Selectors.UserNamePasswordValidator.

Then, you'll need to create your own AuthorizationManagers and
AuthorizationPolicies by
inheriting from System.ServiceModel.ServiceAuthorizationManager and then
overriding the CheckAccessCore(OperationContext operationContext) method to
perform additional checks for your model.

Also, you'll need to create your own AuthorizationPolicy by inheriting from
System.IdentityModel.Policy.IAuthorizationPolicy.  Within this interface
you'll have to evaluate the caller's context and give out the appropriate
permissions.

When all of that is done, you'll need to modify your service configuration
to use these custom assemblies in the following configuration tags:

<serviceBehaviors>
        <behavior name="MembershipServiceBehaviors">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
           <userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MYCUSTOMVALIDATORTYPE",
CuraScript.MembershipServices.Validators" cacheLogonTokens="true" />
            <windowsAuthentication allowAnonymousLogons="false" />
          </serviceCredentials>
          <serviceAuthorization impersonateCallerForAllOperations="false"
principalPermissionMode="Custom"
serviceAuthorizationManagerType="MYCUSTOMAUTHORIZATIONMANAGER,
MYCUSTOMAUTHORIZATIONMANAGERASSEMBLY">
            <authorizationPolicies>
              <add policyType="MYCUSTOMAUTHORIZATIONPOLICY,
MYCUSTOMAUTHORIZATIONPOLICYASSEMBLY, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=null" />
            </authorizationPolicies>
          </serviceAuthorization>
        </behavior>
      </serviceBehaviors>