开发者

How to save user object in WCF

I have a service that uses a custom "UserNamePasswordValidator" and need to save the validated user object to be able to retrieve it later in the service. How can I do this? Or how can I access the cr开发者_Python百科edentials of the user later in the service?

/Viktor


It isn't that simple. The problem is that the custom UserNamePasswordValidator gets called before the AuthorizationPolicy.Evaluate() and somewhere in between, WCF initializes Thread.CurrentPrincipal itself. I've tried setting it inside the password validator but it doesn't work, it gets clobbered immediately after by WCF when the initial principal is created. The only way I can make it work is if I wait and set Thread.CurrentPrincipal in the AuthorizationPolicy.Evaluate() method.

I would like to hear a WCF guru explain this because I see so many WCF beginners having the same issue with this and I see it as a flaw in the WCF design.


The short answer is that the most correct option is to create an IPrincipal instance that represents the authenticated user and put it on Thread.CurrentPrincipal.

All code running on the same thread later in the service will be able to access the authenticated user through Thread.CurrentPrincipal.

This is the standard way of dealing with authenticated users in .NET (and therefore also in WCF).

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜