我正在构建一个托管在IIS上的WCF HTTP Web服务,并使用基本身份验证对请求进行身份验证。
一切正常,直到我向IsOneWay=true添加OperationContract,这似乎清除了我的自定义ServiceAuthenticationManager可用的请求标题。< / p>
身份验证的代码如下所示:
public class MyUserAuthentication : ServiceAuthenticationManager
{
public override ReadOnlyCollection<IAuthorizationPolicy> Authenticate(ReadOnlyCollection<IAuthorizationPolicy> authPolicy, Uri listenUri, ref Message message)
{
var requestProperties = (HttpRequestMessageProperty)message.Properties[HttpRequestMessageProperty.Name];
string rawAuthHeader = requestProperties.Headers["Authorization"]; // here rawAuthHeader == null
IPrincipal principal = CheckCredentials(rawAuthHeader);
[...]
和ServiceContract:
[ServiceContract]
public interface IMyService
{
[OperationContract(IsOneWay=true)] // Works if [OperationContract(IsOneWay=false)]
[WebInvoke(Method = "POST", UriTemplate = "/MyOperation", RequestFormat = WebMessageFormat.Json, ResponseFormat = WebMessageFormat.Json, BodyStyle = WebMessageBodyStyle.Bare)]
void MyOperation(MyDataType data);
}
IsOneWay=true是否有任何理由篡改请求标头?如果没有,任何可能导致问题的想法?