本文转自:https://msdn.microsoft.com/en-us/library/aa702720(v=vs.110).aspx

The PrincipalPermissionAttribute is a declarative means of controlling access to service methods. When using this attribute, the PrincipalPermissionMode enumeration specifies the mode for performing authorization checks. When this mode is set to Custom, it enables the user to specify a custom IPrincipal class returned by the CurrentPrincipal property. This topic illustrates the scenario when Custom is used in combination with a custom authorization policy and a custom principal.

For more information about using the PrincipalPermissionAttribute, see How to: Restrict Access with the PrincipalPermissionAttribute Class.

Example

namespace CustomMode

{

    public class Test

    {

        public static void Main()

        {

            try

            {

                ShowPrincipalPermissionModeCustom ppwm = new ShowPrincipalPermissionModeCustom();

                ppwm.Run();

            }

            catch (Exception exc)

            {

                Console.WriteLine("Error: {0}", exc.Message);

                Console.ReadLine();

            }

        }

    }

    class ShowPrincipalPermissionModeCustom

    {

        [ServiceContract]

        interface ISecureService

        {

            [OperationContract]

            string Method1(string request);

        }

        [ServiceBehavior]

        class SecureService : ISecureService

        {

            [PrincipalPermission(SecurityAction.Demand, Role = "everyone")]

            public string Method1(string request)

            {

                return String.Format("Hello, \"{0}\"", Thread.CurrentPrincipal.Identity.Name);

            }

        }

        public void Run()

        {

            Uri serviceUri = new Uri(@"http://localhost:8006/Service");

            ServiceHost service = new ServiceHost(typeof(SecureService));

            service.AddServiceEndpoint(typeof(ISecureService), GetBinding(), serviceUri);

            List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>();

            policies.Add(new CustomAuthorizationPolicy());

            service.Authorization.ExternalAuthorizationPolicies = policies.AsReadOnly();

            service.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;

            service.Open();

            EndpointAddress sr = new EndpointAddress(

                serviceUri, EndpointIdentity.CreateUpnIdentity(WindowsIdentity.GetCurrent().Name));

            ChannelFactory<ISecureService> cf = new ChannelFactory<ISecureService>(GetBinding(), sr);

            ISecureService client = cf.CreateChannel();

            Console.WriteLine("Client received response from Method1: {0}", client.Method1("hello"));

            ((IChannel)client).Close();

            Console.ReadLine();

            service.Close();

        }

        public static Binding GetBinding()

        {

            WSHttpBinding binding = new WSHttpBinding(SecurityMode.Message);

            binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

            return binding;

        }

        class CustomAuthorizationPolicy : IAuthorizationPolicy

        {

            string id = Guid.NewGuid().ToString();

            public string Id

            {

                get { return this.id; }

            }

            public ClaimSet Issuer

            {

                get { return ClaimSet.System; }

            }

            public bool Evaluate(EvaluationContext context, ref object state)

            {

                object obj;

                if (!context.Properties.TryGetValue("Identities", out obj))

                    return false;

                IList<IIdentity> identities = obj as IList<IIdentity>;

                if (obj == null || identities.Count <= 0)

                    return false;

                context.Properties["Principal"] = new CustomPrincipal(identities[0]);

                return true;

            }

        }

        class CustomPrincipal : IPrincipal

        {

            IIdentity identity;

            public CustomPrincipal(IIdentity identity)

            {

                this.identity = identity;

            }

            public IIdentity Identity

            {

                get { return this.identity; }

            }

            public bool IsInRole(string role)

            {

                return true;

            }

        }

    }

}

[转]How to: Create a Custom Principal Identity的更多相关文章

  1. [转]How do you create a custom AuthorizeAttribute in ASP.NET Core?

    问: I'm trying to make a custom authorization attribute in ASP.NET Core. In previous versions it was ...

  2. Part 13 Create a custom filter in AngularJS

    Custom filter in AngularJS 1. Is a function that returns a function 2. Use the filter function to cr ...

  3. How could I create a custom windows message?

    [问题] Our project is running on Windows CE 6.0 and is written in C++ . We have some problems with the ...

  4. [Angular] Create a custom validator for reactive forms in Angular

    Also check: directive for form validation User input validation is a core part of creating proper HT ...

  5. [Angular] Create a custom validator for template driven forms in Angular

    User input validation is a core part of creating proper HTML forms. Form validators not only help yo ...

  6. how to create react custom hooks with arguments

    how to create react custom hooks with arguments React Hooks & Custom Hooks // reusable custom ho ...

  7. [Angular] Create a custom pipe

    For example we want to create a pipe, to tranform byte to Mb. We using it in html like: <div> ...

  8. Create a custom configSection in web.config or app.config file

    config file: <?xml version="1.0" encoding="utf-8" ?> <configuration> ...

  9. How to create a custom action type with a custom control (BarCheckItem), associated with it

    https://www.devexpress.com/Support/Center/Example/Details/E1977/how-to-create-a-custom-action-type-w ...

随机推荐

  1. C#:浅析结构与类的区别

    一.      结构:值类型,存储在堆栈中,位于计算机的内存逻辑区域中      类   :引用类型,存储在堆中,位于计算机内存的不同逻辑位置   二.      较小的数据使用结构:      将一 ...

  2. windows下mysql 主从同步

    半路出家到Java,刚开始听说到说程序支持读写分离感觉特别高大上,也一直没接触 偶然的机会接触到了,就一定得记下来. 今天先讲讲数据库的主从同步,两个好处: 一是读写分离可以用上.比如 写操作就写到主 ...

  3. .Net Html如何上传图片到一般应用程序

    用html实现图片上传 后台采用.net其中在这里要借用一个js插件 在这里我会写一个图片上传的一个小Demo,有不全的地方多多包容,和提议, 我把已经写好的demo已经上传到百度云 在这里可以下载 ...

  4. Memcached初识

    高性能分布式内存对象缓存系统. 参考: Memcached官网: Memcached简介-1:Memcached简介-2: Memcached 教程 | 菜鸟教程:

  5. C#中怎样实现序列化和反序列化

    我们想要将数据进行持久化的操作的话,也就是将数据写入到文件中,我们在C#中可以通过IO流来操作,同时也可以通过序列化来操作,本人是比较推荐使用序列化操作的 因为我们如果想要将一个对象持久化到文件中 如 ...

  6. canvas调用scale或者drawImage图片操作后,锯齿感很明显的解决

    <script type="text/javascript"> //解决canvas画画图片 var mengvalue = -1; var phoneWidth = ...

  7. 【设计模式】单例模式 c++实现

    单例模式一般应用在整个应用中只会存在一个对象.比如应用类,游戏场景类,工具类等. 实现方式: 头文件 singleton.h: #ifndef _SINGLETON_H_ #define _SINGL ...

  8. 关于Three.js基本几何形状之SphereGeometry球体学习

    一.有关球体SphereGeometry构造函数参数说明 <1>.SphereGeometry(radius, widthSegments, heightSegments, phiStar ...

  9. Css3新特性总结之边框与背景(二)

    一.条纹背景 利用background为linear-gradient函数实现,linear-gradient取值如下: <angle>:角度,渐变的方向 to left right to ...

  10. C++02.访问控制

    1.class是struct的扩展,它包括数据成员和成员函数. 2.在C++中,有三种访问权限: (1)private:默认,只供类内部的函数使用. (2)public:类外的程序可以使用. (3)p ...