1:服务端
/// <summary>
/// WCF authorization manager that assigns the caller a role based on a custom message header.
/// </summary>
/// <remarks>
/// Access is granted when the incoming message carries a header named "Guest" or
/// "Administrators" in the "http://wangyue/" namespace; the header name becomes the
/// identity name and the single role of the principal stored for the call.
/// Security note: message headers are written by the sender, and nothing in this class checks
/// who the sender is. The header is therefore an unauthenticated role claim, not proof of
/// identity. Roles should be derived from credentials that the binding has already validated
/// (or from a server-side lookup keyed on the authenticated identity), with this header used
/// at most as a hint.
/// NOTE(review): base.CheckAccessCore is not called, so any checks the base class performs
/// are skipped; confirm that is intended.
/// </remarks>
public class UserServiceAuthorizationManager : ServiceAuthorizationManager
{
    /// <summary>
    /// Scans the incoming headers for the first role header and, if found, stores the matching
    /// principal in the authorization context under the "Principal" key.
    /// </summary>
    /// <param name="operationContext">Context of the operation being authorized.</param>
    /// <returns><c>true</c> when a role header in the expected namespace is present; otherwise <c>false</c>.</returns>
    protected override bool CheckAccessCore(OperationContext operationContext)
    {
        foreach (var header in operationContext.IncomingMessageHeaders)
        {
            // Only the two known role names are considered, and only in the expected namespace.
            bool isRoleHeader = header.Name == "Guest" || header.Name == "Administrators";
            if (!isRoleHeader || header.Namespace != "http://wangyue/")
            {
                continue;
            }

            // The header's value is never read; the role comes from the header name alone.
            operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = GetPrincipal(header.Name);
            return true;
        }

        // No role header found: deny the call.
        return false;
    }

    /// <summary>
    /// Builds a principal whose identity name is <paramref name="userName"/> and whose only role
    /// is "Administrators" when the name is exactly "Administrators", and "Guest" otherwise.
    /// </summary>
    /// <param name="userName">Name used for the identity and to select the role.</param>
    /// <returns>A <see cref="GenericPrincipal"/> carrying exactly one role.</returns>
    private IPrincipal GetPrincipal(string userName)
    {
        string role = userName == "Administrators" ? "Administrators" : "Guest";
        return new GenericPrincipal(new GenericIdentity(userName), new string[] { role });
    }
}
2:配置文件
<!-- Service behaviors for the WCF host: throttling, metadata, fault detail and custom authorization. -->
<behaviors>
<serviceBehaviors>
<behavior>
<!-- All three limits are set to 2147483647 (int.MaxValue), which effectively removes throttling.
     NOTE(review): with no practical cap on concurrent calls, instances or sessions, a burst of
     requests can exhaust server resources; consider bounded values sized to the host. -->
<serviceThrottling maxConcurrentCalls="2147483647" maxConcurrentInstances="2147483647" maxConcurrentSessions="2147483647"/>
<!-- To avoid disclosing metadata information, set the value below to false before deployment. -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging, set the value below to true. Set it to false before deployment to avoid disclosing exception information. -->
<serviceDebug includeExceptionDetailInFaults="true"/>
<!-- Routes access checks through WcfService1.UserServiceAuthorizationManager (assembly WcfService1).
     principalPermissionMode="Custom" means the principal for the call is the one the service code
     supplies. The manager shown on this page builds it from a caller-supplied message header, so
     role checks are only as trustworthy as whatever authenticates the caller before that point. -->
<serviceAuthorization principalPermissionMode="Custom" serviceAuthorizationManagerType="WcfService1.UserServiceAuthorizationManager, WcfService1" >
</serviceAuthorization>
</behavior>
</serviceBehaviors>
</behaviors>
3:客户端代码
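// Create the service proxy.
// NOTE(review): the proxy is not closed in this snippet; confirm its lifetime is handled by the caller.
ServiceManager.UsersClient Client = new ServiceManager.UsersClient();

// OperationContextScope is IDisposable. Disposing it restores the previous OperationContext,
// so the scope is limited to the call that needs the header instead of being left open.
using (OperationContextScope scope = new OperationContextScope(Client.InnerChannel))
{
    #region Attach role header
    // The original region label called this "data channel encryption", but the code only adds a
    // message header; nothing here encrypts anything. Whether the header is protected on the
    // wire depends on the binding's security settings, which this page does not show.
    // The header name ("Guest") and namespace are what the server-side check on this page reads;
    // the value ("robinzhang") is sent along but not read by that check.
    MessageHeader header = MessageHeader.CreateHeader("Guest", "http://wangyue/", "robinzhang");
    OperationContext.Current.OutgoingMessageHeaders.Add(header);
    #endregion

    // The service call must run inside the scope so the header is attached to the outgoing message.
    _GridControl.DataSource = Client.GetApplylog(UserInfo.UserPid.Value);
}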