本文转自:https://msdn.microsoft.com/en-us/library/aa702720(v=vs.110).aspx

The PrincipalPermissionAttribute is a declarative means of controlling access to service methods. When using this attribute, the PrincipalPermissionMode enumeration specifies the mode for performing authorization checks. When this mode is set to Custom, it enables the user to specify a custom IPrincipal class returned by the CurrentPrincipal property. This topic illustrates the scenario when Custom is used in combination with a custom authorization policy and a custom principal.

For more information about using the PrincipalPermissionAttribute, see How to: Restrict Access with the PrincipalPermissionAttribute Class.

Example

namespace CustomMode

{

    public class Test

    {

        public static void Main()

        {

            try

            {

                ShowPrincipalPermissionModeCustom ppwm = new ShowPrincipalPermissionModeCustom();

                ppwm.Run();

            }

            catch (Exception exc)

            {

                Console.WriteLine("Error: {0}", exc.Message);

                Console.ReadLine();

            }

        }

    }

    class ShowPrincipalPermissionModeCustom

    {

        [ServiceContract]

        interface ISecureService

        {

            [OperationContract]

            string Method1(string request);

        }

        [ServiceBehavior]

        class SecureService : ISecureService

        {

            [PrincipalPermission(SecurityAction.Demand, Role = "everyone")]

            public string Method1(string request)

            {

                return String.Format("Hello, \"{0}\"", Thread.CurrentPrincipal.Identity.Name);

            }

        }

        public void Run()

        {

            Uri serviceUri = new Uri(@"http://localhost:8006/Service");

            ServiceHost service = new ServiceHost(typeof(SecureService));

            service.AddServiceEndpoint(typeof(ISecureService), GetBinding(), serviceUri);

            List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>();

            policies.Add(new CustomAuthorizationPolicy());

            service.Authorization.ExternalAuthorizationPolicies = policies.AsReadOnly();

            service.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;

            service.Open();

            EndpointAddress sr = new EndpointAddress(

                serviceUri, EndpointIdentity.CreateUpnIdentity(WindowsIdentity.GetCurrent().Name));

            ChannelFactory<ISecureService> cf = new ChannelFactory<ISecureService>(GetBinding(), sr);

            ISecureService client = cf.CreateChannel();

            Console.WriteLine("Client received response from Method1: {0}", client.Method1("hello"));

            ((IChannel)client).Close();

            Console.ReadLine();

            service.Close();

        }

        public static Binding GetBinding()

        {

            WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);

            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

            return binding;

        }

        class CustomAuthorizationPolicy : IAuthorizationPolicy

        {

            string id = Guid.NewGuid().ToString();

            public string Id

            {

                get { return this.id; }

            }

            public ClaimSet Issuer

            {

                get { return ClaimSet.System; }

            }

            public bool Evaluate(EvaluationContext context, ref object state)

            {

                object obj;

                if (!context.Properties.TryGetValue("Identities", out obj))

                    return false;

                IList<IIdentity> identities = obj as IList<IIdentity>;

                if (obj == null || identities.Count <= 0)

                    return false;

                context.Properties["Principal"] = new CustomPrincipal(identities[0]);

                return true;

            }

        }

        class CustomPrincipal : IPrincipal

        {

            IIdentity identity;

            public CustomPrincipal(IIdentity identity)

            {

                this.identity = identity;

            }

            public IIdentity Identity

            {

                get { return this.identity; }

            }

            public bool IsInRole(string role)

            {

                return true;

            }

        }

    }

}

[转]How to: Create a Custom Principal Identity的更多相关文章

  1. [转]How do you create a custom AuthorizeAttribute in ASP.NET Core?

    问: I'm trying to make a custom authorization attribute in ASP.NET Core. In previous versions it was ...

  2. Part 13 Create a custom filter in AngularJS

    Custom filter in AngularJS 1. Is a function that returns a function 2. Use the filter function to cr ...

  3. How could I create a custom windows message?

    [问题] Our project is running on Windows CE 6.0 and is written in C++ . We have some problems with the ...

  4. [Angular] Create a custom validator for reactive forms in Angular

    Also check: directive for form validation User input validation is a core part of creating proper HT ...

  5. [Angular] Create a custom validator for template driven forms in Angular

    User input validation is a core part of creating proper HTML forms. Form validators not only help yo ...

  6. how to create react custom hooks with arguments

    how to create react custom hooks with arguments React Hooks & Custom Hooks // reusable custom ho ...

  7. [Angular] Create a custom pipe

    For example we want to create a pipe, to tranform byte to Mb. We using it in html like: <div> ...

  8. Create a custom configSection in web.config or app.config file

    config file: <?xml version="1.0" encoding="utf-8" ?> <configuration> ...

  9. How to create a custom action type with a custom control (BarCheckItem), associated with it

    https://www.devexpress.com/Support/Center/Example/Details/E1977/how-to-create-a-custom-action-type-w ...

随机推荐

  1. Enterprise Solution 开源项目资源汇总 Visual Studio Online 源代码托管 企业管理软件开发框架

    Enterprise Solution 是一套管理软件开发框架,在这个框架基础上开发出一套企业资源计划系统Enterprise Edition. 现将Enterprise Solution开发过程中遇 ...

  2. CodeSmith模板代码生成实战详解

    前言 公司项目是基于soa面向服务的架构思想开发的,项目分解众多子项目是必然的.然而子项目的架子结构种类也过多的话,就会对后期的开发维护产生一锅粥的感觉.为了尽可能的在结构层避免出现这种混乱的现象,我 ...

  3. 【译】Unity3D Shader 新手教程(1/6)

    本文为翻译,附上原文链接. 转载请注明出处--polobymulberry-博客园. 刚开始接触Unity3D Shader编程时,你会发现有关shader的文档相当散,这也造成初学者对Unity3D ...

  4. MVC、MVP、MVVM、Angular.js、Knockout.js、Backbone.js、React.js、Ember.js、Avalon.js、Vue.js 概念摘录

    注:文章内容都是摘录性文字,自己阅读的一些笔记,方便日后查看. MVC MVC(Model-View-Controller),M 是指业务模型,V 是指用户界面,C 则是控制器,使用 MVC 的目的是 ...

  5. web api添加拦截器

    实现思路 1.标识控制器有拦截特性: 2.控制器拦截处理: 代码实现 1.标识控制器有拦截特性,代码: [MyFilter] public string PostFindUser([FromBody] ...

  6. Hadoop的学习--安装配置与使用

    安装配置 系统:Ubuntu14.04 java:1.7.0_75 相关资料 官网 下载地址 官网文档 安装 我们需要关闭掉防火墙,命令如下: sudo ufw disable 下载2.6.5的版本, ...

  7. YYModel 源码解读(二)之NSObject+YYModel.h (1)

    本篇文章主要介绍 _YYModelPropertyMeta 前边的内容 首先先解释一下前边的辅助函数和枚举变量,在写一个功能的时候,这些辅助的东西可能不是一开始就能想出来的,应该是在后续的编码过程中 ...

  8. SQL Tuning 基础概述01 - Autotrace的设定

    1.autotrace的设定 SQL> set autotrace Usage: SET AUTOT[RACE] {OFF | ON | TRACE[ONLY]} [EXP[LAIN]] [ST ...

  9. Oracle --> Vertica 数据类型转换规则

    需求:在Vertica数据库上建表,表结构来源于原Oracle数据库,故需要转换成Vertica数据库库表结构.   实际转换操作需要评估源库用到的所有数据类型和数据本身特性. 下面是总结的某场景下的 ...

  10. 网站实现微信登录之回调函数中登录逻辑的处理--基于yii2开发的描述

    上一篇文章网站实现微信登录之嵌入二维码中描述了如何在自己的登录页面内嵌入登录二维码,今天的这篇文章主要是描述下在扫码成功之后微信重定向回网站后登录逻辑的处理,其实也就是验证身份信息,授权用户登录的逻辑 ...