无法在web.config中为WCF服务设置授权规则

时间:2011-02-09 11:24:44

标签: .net asp.net wcf web-config authorization

我在帖子中读到,您可以在Web配置中使用ASP.Net授权来控制对WCF Web服务的访问,以替换以下属性:

[PrincipalPermission(SecurityAction.Demand, Role="Administrators")]

要测试我一直在使用“管理员”,这是一个有效的角色,所以应该允许我访问和“测试”,这不是。这在使用上述属性时工作正常但是当我将其注释掉并在我的Web.Config文件中使用它时:

<authentication mode="Windows" />
<authorization>
  <allow roles=".\TEST"/>
  <deny roles="*"/>
</authorization>

它仍允许我访问。

所以我想知道我是否在web.config中出错了,或者我读的是不是说使用它。

仅供参考,这是我看过的帖子:

Using Windows Role authentication in the App.config with WCF

以下是我的web.config:

<?xml version="1.0"?>
<configuration>

  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <authentication mode="Windows" />
    <authorization>
      <allow roles=".\TEST"/>
      <deny users="*"/>
    </authorization>
  </system.web>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="WcfService1.ServiceBehaviour1" name="WcfService1.Service1">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpointBinding"
                  name="BasicHttpEndpoint" contract="WcfService1.IService1">
          <identity>
            <dns value="localhost"/>
          </identity>
        </endpoint>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WcfService1.ServiceBehaviour1">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>

</configuration>

感谢。

1 个答案:

答案 0 :(得分:8)

如果WCF与ASP.NET一起hosted side-by-side,则ASP.NET授权规则不用于WCF服务。要使用它们,您必须将WCF服务转为ASP.NET compatibility mode

相关问题
最新问题