|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
| |
09-06-2007
| #1 (permalink) |
| | WCF Security Hello, I want to do some 'custom' security checking on the level of a WCF services (.SVC file). Therefore I have the next entries defined in my WEB.CONFIG <behaviors> <serviceBehaviors> <behavior name="CobBusinessServiceBehavior"> <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" /> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="Cob.Framework.Utilities.Services.MessageAuthorizationPolicy, Cob.Framework.Utilities" /> </authorizationPolicies> </serviceAuthorization> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="CobBusinessServiceBehavior" name="Cob.Tools.Security.ServiceModel.Services.Security"> <endpoint behaviorConfiguration="CobBusinessEndPointBehavior" binding="netHttpBinding" bindingConfiguration="netHttpBindingConfiguration" name="ISecurityServiceContract" contract="Cob.Tools.Security.ServiceModel.Contracts.ServiceContracts.ISecurityServiceContract" /> </service> </services> Currently my class MessageAuthorizationPolicy is empty (except some temp code). It seems that I do not get into the constructor of this class. Anyone an idea? Regards Kurt |
My System Specs |
|
09-07-2007
| #2 (permalink) |
| | Re: WCF Security Stupid question but,,are you sure you've defined a public constructor for the policy? do u have a breakpoint on it? |
| My System Specs |
|
09-10-2007
| #3 (permalink) |
| | Re: WCF Security Hello, I didn't have a public contructor. Now I added on and indeed the code in the constructor is executed when calling te service. Now I have implemented the IAuthorizationPolicy which has an 'Evaluate' method defined. When is this method called? Kurt "Priya" <priya.marwaha@xxxxxx> wrote in message news:1189174999.140729.6930@xxxxxx Quote: > Stupid question but,,are you sure you've defined a public constructor > for the policy? do u have a breakpoint on it? > |
| My System Specs |
|
09-11-2007
| #4 (permalink) |
| | Re: WCF Security This method will be called right before every call you make to the actual web service operation. If the policy has enough data to evaluate authorization it should return True from this method, else it should return false. This is typically the place you set a custom thread principal if you need to, where you evaluate claims or roles etc. On Sep 10, 8:02 pm, "Kurt Biesemans" <Kurt.Biesem...@xxxxxx> wrote: Quote: > Hello, > > I didn't have a public contructor. Now I added on and indeed the code in the > constructor is executed when calling te service. > > Now I have implemented the IAuthorizationPolicy which has an 'Evaluate' > method defined. When is this method called? > > Kurt > > "Priya" <priya.marw...@xxxxxx> wrote in message > > news:1189174999.140729.6930@xxxxxx > > > Quote: > > Stupid question but,,are you sure you've defined a public constructor > > for the policy? do u have a breakpoint on it?- Hide quoted text - > - Show quoted text - |
| My System Specs |
|
09-13-2007
| #5 (permalink) |
| | Re: WCF Security Priya, I have it working now. Indeed the intention is to have some 'custom' security checking in the evaluate method. In our case people cannot make a service call (access the .SVC file) if they don't have a role in the application. Kurt "Priya" <priya.marwaha@xxxxxx> wrote in message news:1189568497.341211.11400@xxxxxx Quote: > This method will be called right before every call you make to the > actual web service operation. If the policy has enough data to > evaluate authorization it should return True from this method, else it > should return false. This is typically the place you set a custom > thread principal if you need to, where you evaluate claims or roles > etc. > On Sep 10, 8:02 pm, "Kurt Biesemans" <Kurt.Biesem...@xxxxxx> > wrote: Quote: >> Hello, >> >> I didn't have a public contructor. Now I added on and indeed the code in >> the >> constructor is executed when calling te service. >> >> Now I have implemented the IAuthorizationPolicy which has an 'Evaluate' >> method defined. When is this method called? >> >> Kurt >> >> "Priya" <priya.marw...@xxxxxx> wrote in message >> >> news:1189174999.140729.6930@xxxxxx >> >> >> Quote: >> > Stupid question but,,are you sure you've defined a public constructor >> > for the policy? do u have a breakpoint on it?- Hide quoted text - >> - Show quoted text - > |
| My System Specs |
| Thread Tools | |
| |
