本文转自:https://msdn.microsoft.com/en-us/library/aa702720(v=vs.110).aspx

The PrincipalPermissionAttribute is a declarative means of controlling access to service methods. When using this attribute, the PrincipalPermissionMode enumeration specifies the mode for performing authorization checks. When this mode is set to Custom, it enables the user to specify a custom IPrincipal class returned by the CurrentPrincipal property. This topic illustrates the scenario when Custom is used in combination with a custom authorization policy and a custom principal.

For more information about using the PrincipalPermissionAttribute, see How to: Restrict Access with the PrincipalPermissionAttribute Class.

Example

namespace CustomMode

{

    public class Test

    {

        public static void Main()

        {

            try

            {

                ShowPrincipalPermissionModeCustom ppwm = new ShowPrincipalPermissionModeCustom();

                ppwm.Run();

            }

            catch (Exception exc)

            {

                Console.WriteLine("Error: {0}", exc.Message);

                Console.ReadLine();

            }

        }

    }

    class ShowPrincipalPermissionModeCustom

    {

        [ServiceContract]

        interface ISecureService

        {

            [OperationContract]

            string Method1(string request);

        }

        [ServiceBehavior]

        class SecureService : ISecureService

        {

            [PrincipalPermission(SecurityAction.Demand, Role = "everyone")]

            public string Method1(string request)

            {

                return String.Format("Hello, \"{0}\"", Thread.CurrentPrincipal.Identity.Name);

            }

        }

        public void Run()

        {

            Uri serviceUri = new Uri(@"http://localhost:8006/Service");

            ServiceHost service = new ServiceHost(typeof(SecureService));

            service.AddServiceEndpoint(typeof(ISecureService), GetBinding(), serviceUri);

            List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>();

            policies.Add(new CustomAuthorizationPolicy());

            service.Authorization.ExternalAuthorizationPolicies = policies.AsReadOnly();

            service.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;

            service.Open();

            EndpointAddress sr = new EndpointAddress(

                serviceUri, EndpointIdentity.CreateUpnIdentity(WindowsIdentity.GetCurrent().Name));

            ChannelFactory<ISecureService> cf = new ChannelFactory<ISecureService>(GetBinding(), sr);

            ISecureService client = cf.CreateChannel();

            Console.WriteLine("Client received response from Method1: {0}", client.Method1("hello"));

            ((IChannel)client).Close();

            Console.ReadLine();

            service.Close();

        }

        public static Binding GetBinding()

        {

            WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);

            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

            return binding;

        }

        class CustomAuthorizationPolicy : IAuthorizationPolicy

        {

            string id = Guid.NewGuid().ToString();

            public string Id

            {

                get { return this.id; }

            }

            public ClaimSet Issuer

            {

                get { return ClaimSet.System; }

            }

            public bool Evaluate(EvaluationContext context, ref object state)

            {

                object obj;

                if (!context.Properties.TryGetValue("Identities", out obj))

                    return false;

                IList<IIdentity> identities = obj as IList<IIdentity>;

                if (obj == null || identities.Count <= 0)

                    return false;

                context.Properties["Principal"] = new CustomPrincipal(identities[0]);

                return true;

            }

        }

        class CustomPrincipal : IPrincipal

        {

            IIdentity identity;

            public CustomPrincipal(IIdentity identity)

            {

                this.identity = identity;

            }

            public IIdentity Identity

            {

                get { return this.identity; }

            }

            public bool IsInRole(string role)

            {

                return true;

            }

        }

    }

}

[转]How to: Create a Custom Principal Identity的更多相关文章

  1. [转]How do you create a custom AuthorizeAttribute in ASP.NET Core?

    问: I'm trying to make a custom authorization attribute in ASP.NET Core. In previous versions it was ...

  2. Part 13 Create a custom filter in AngularJS

    Custom filter in AngularJS 1. Is a function that returns a function 2. Use the filter function to cr ...

  3. How could I create a custom windows message?

    [问题] Our project is running on Windows CE 6.0 and is written in C++ . We have some problems with the ...

  4. [Angular] Create a custom validator for reactive forms in Angular

    Also check: directive for form validation User input validation is a core part of creating proper HT ...

  5. [Angular] Create a custom validator for template driven forms in Angular

    User input validation is a core part of creating proper HTML forms. Form validators not only help yo ...

  6. how to create react custom hooks with arguments

    how to create react custom hooks with arguments React Hooks & Custom Hooks // reusable custom ho ...

  7. [Angular] Create a custom pipe

    For example we want to create a pipe, to tranform byte to Mb. We using it in html like: <div> ...

  8. Create a custom configSection in web.config or app.config file

    config file: <?xml version="1.0" encoding="utf-8" ?> <configuration> ...

  9. How to create a custom action type with a custom control (BarCheckItem), associated with it

    https://www.devexpress.com/Support/Center/Example/Details/E1977/how-to-create-a-custom-action-type-w ...

随机推荐

  1. 解析大型.NET ERP系统 业务逻辑设计与实现

    根据近几年的制造业软件开发经验,以我开发人员的理解角度,简要说明功能(Feature)是如何设计与实现的,供参考. 因架构的不同,技术实现上会有所差异,我的经验仅限定于Windows Form程序. ...

  2. Bootstrap3系列:下拉菜单

    1.引用Bootstrap 示例引用的Bootstrap版本:v3.3.7 <script src="~/Scripts/jquery-2.2.4.min.js">&l ...

  3. <!--[if IE 9]>....<!end if-->

    1.页面里面经常看到类似[if it IE 9],表示的是限定某些浏览器版本才能执行的语句. ! [if ! IE] 含义:如果不是IE It [if it IE 9] 含义:如果是IE9 Ite [ ...

  4. Android消息传递之EventBus 3.0使用详解

    前言: 前面两篇不仅学习了子线程与UI主线程之间的通信方式,也学习了如何实现组件之间通信,基于前面的知识我们今天来分析一下EventBus是如何管理事件总线的,EventBus到底是不是最佳方案?学习 ...

  5. 介绍,介绍我的底层支持库 Net.Sz.CFramework

    Net.Sz.CFramework  是我自己的底层库,是经过验证的底层库. 包含: socket tcp协议,socket http协议线程池,线程模型,任务模型,定时器模型,日志模块脚本模块一些辅 ...

  6. 产品前端重构(TypeScript、MVC框架设计)

    最近两周完成了对公司某一产品的前端重构,本文记录重构的主要思路及相关的设计内容. 公司期望把某一管理类信息系统从项目代码中抽取.重构为一个可复用的产品.该系统的前端是基于 ExtJs 5 进行构造的, ...

  7. c#生成静态html文件,封装类

    由于这段时间比较轻松,于是想到很多的企业网站,新闻网站需要将页面静态化,于是写了个封装类来实现静态文件的生成,思路比较简单,但未完善,网友可根据自己的思路将此类扩展,运用了简单工厂模式(本来刚开始看设 ...

  8. java类的初始化顺序

    在java中,当我们new一个对象时,对象中的成员,初始化块以及构造方法的加载是有一定的顺序的,看下面一副图: 一.单类(无基类)下的初始化顺序: public class Parent { stat ...

  9. A2W、W2A、A2T、T2A的使用方法

    1.A2W和W2A 在<Window核心编程>,多字节和宽字节之间转换比较麻烦的,MultiByteToWideChar函数和WideCharToMultiByte函数有足够多的参数的意义 ...

  10. windows go安装

    1.安装git 因为golang是通过git来管理远程包的,所以我们首先要安装git,下载地址:http://www.git-scm.com/download/. git安装比较简单,直接下一步即可( ...