如果我有类似的类型:
public class Context
{
public Context()
{
}
public IQueryable<Record> Records
{
get
{
if (user == someone) //psuedocode
{
//return something
}
else
{
//return something else
}
}
}
}
我在这样的DataService中托管:
WebServiceHost host = new WebServiceHost(typeof(DataService<Context>, "http://localhost:43334/");
WebHttpBinding binding = new WebHttpBinding();
ServiceEndpoint endpoint = host.AddServiceEndpoint(
typeof(System.Data.Services.IRequestHandler), binding,
"folder");
host.Open();
如何从客户端请求获取对提供的凭据的访问权限?我知道有拒绝访问的选项,但我如何实际获得提供的凭据以确定拒绝谁和/或给定用户可以访问哪些记录?我觉得这真的很容易,我错过了一些东西,或者我正在咆哮错误的树。
答案 0 :(得分:1)
要在DataService中访问当前登录用户的凭据,您需要:
a)设置数据服务以便能够访问当前的Web Http Context
using System.ServiceModel.Activation; /// <summary> /// Require that the WCF host setup access to the WebHttpContext of the currently executing request. /// More details here : http://msdn.microsoft.com/en-us/library/aa702682.aspx /// </summary> [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)] public class ContextService : DataService<Context>
b)通过HttpContext.Current.User属性访问当前用户的详细信息
if(System.Web.HttpContext.Current.User.Identity.Name == someone) { //返回一些东西 } 其他 { //返回别的东西
}
一些有用的链接
HttpContext.Current.User on MSDN
Sharing state between ASP.NET and WCF