|
 |  |  |  |  |  |  |
Welcome to Vista Forums we are your forum to discuss Windows Vista x64 and x86 systems. Whether you need help or just want to post an idea you have on Vista, this is the forum for you.
 |
| |||||||
| | Thread Tools | Display Modes |
09-06-2007
| #1 (permalink) |
| Guest | WCF Security Hello, I want to do some 'custom' security checking on the level of a WCF services (.SVC file). Therefore I have the next entries defined in my WEB.CONFIG <behaviors> <serviceBehaviors> <behavior name="CobBusinessServiceBehavior"> <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" /> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="Cob.Framework.Utilities.Services.MessageAuthorizationPolicy, Cob.Framework.Utilities" /> </authorizationPolicies> </serviceAuthorization> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="CobBusinessServiceBehavior" name="Cob.Tools.Security.ServiceModel.Services.Security"> <endpoint behaviorConfiguration="CobBusinessEndPointBehavior" binding="netHttpBinding" bindingConfiguration="netHttpBindingConfiguration" name="ISecurityServiceContract" contract="Cob.Tools.Security.ServiceModel.Contracts.ServiceContracts.ISecurityServiceContract" /> </service> </services> Currently my class MessageAuthorizationPolicy is empty (except some temp code). It seems that I do not get into the constructor of this class. Anyone an idea? Regards Kurt |
|
09-10-2007
| #3 (permalink) | ||||||||||||
| Guest | Re: WCF Security Hello, I didn't have a public contructor. Now I added on and indeed the code in the constructor is executed when calling te service. Now I have implemented the IAuthorizationPolicy which has an 'Evaluate' method defined. When is this method called? Kurt "Priya" <priya.marwaha@xxxxxx> wrote in message news:1189174999.140729.6930@xxxxxx
| ||||||||||||
|
09-11-2007
| #4 (permalink) | ||||||||||||||||||||||||
| Guest | Re: WCF Security This method will be called right before every call you make to the actual web service operation. If the policy has enough data to evaluate authorization it should return True from this method, else it should return false. This is typically the place you set a custom thread principal if you need to, where you evaluate claims or roles etc. On Sep 10, 8:02 pm, "Kurt Biesemans" <Kurt.Biesem...@xxxxxx> wrote:
| ||||||||||||||||||||||||
|
09-13-2007
| #5 (permalink) | ||||||||||||||||||||||||||||||||||||
| Guest | Re: WCF Security Priya, I have it working now. Indeed the intention is to have some 'custom' security checking in the evaluate method. In our case people cannot make a service call (access the .SVC file) if they don't have a role in the application. Kurt "Priya" <priya.marwaha@xxxxxx> wrote in message news:1189568497.341211.11400@xxxxxx
| ||||||||||||||||||||||||||||||||||||
| |
| |
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Re: Vista Security Center and Norton Internet Security 2008 | PA Bear [MS MVP] | Vista security | 1 | 04-01-2008 05:47 AM |
| Network runs fine with open security and not with security | Niffty Nev | Vista security | 4 | 01-26-2008 09:42 PM |
| Norton Internet Security 2008 and Vista's Security Center | howardavatar | Vista security | 12 | 01-23-2008 10:03 PM |
| Security Matters — Microsoft 2006 Security Summits Provide Security Training for Detroit Businesses | z3r010 | Vista News | 0 | 06-26-2006 09:02 AM |
| Security Matters — Microsoft 2006 Security Summits Provide Security Training for Detroit Businesses | z3r010 | Vista News | 0 | 06-26-2006 09:01 AM |
Linear Mode
