Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
Welcome To Ask or Share your Answers For Others

Categories

I want to decorate certain Operation Contracts with an attribute to authorize the caller by custom logic, something like this:

[ServiceBehavior]
public class Service1
{
    [OperationContract]
    [Authorize] // ?? this should make sure only admins can call this method
    public List<SampleItem> GetCollection()
    {
        return new List<SampleItem>() { new SampleItem("Only Admins see me") };
    }
}

The [Authorize] should check if the caller is entitled to call this operation; if not - it should return an error fault.

Thanks.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
609 views
Welcome To Ask or Share your Answers For Others

1 Answer

Not out of the box - but WCF top-guru Juval L?wy had a very interesting article in MSDN Magazine about Declarative WCF Security which goes in the same direction.

Juval identified several key security scenarios, and wrapped each of them up into a WCF service behavior to be applied as an attribute on your service class on the server side. Quite an interesting read indeed !


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
...