在WCF中如何配置基于asp.net role的授權(quán)機制，看了些時日，總算有點眉目了 。

以下是一個典型的通過自定義的role-based (principalPermissionMode=UseAspNetRoles)來進(jìn)行授權(quán)的WCF? service config file.

Code
<?xml?version="1.0"?encoding="utf-8"??>
<configuration>
????<system.serviceModel>

????????<behaviors>
????????????<serviceBehaviors>
????????????????<behavior?name='ServiceBehavior'>
????????????????????<serviceAuthorization??principalPermissionMode='UseAspNetRoles'?roleProviderName='AuthorizationStoreRoleProvider'?/>
????????????????????<serviceMetadata?httpGetEnabled?='true'/>
????????????????</behavior>
????????????</serviceBehaviors>
????????????
????????</behaviors>

????????<services>
????????????<service?name="Service.ResourceAccessServiceType"
?????????????????????behaviorConfiguration='ServiceBehavior'>
????????????????<host>
????????????????????<baseAddresses>
????????????????????????<add?baseAddress='net.tcp://localhost:9000/Woodgrove'/>
????????????????????????<add?baseAddress='http://localhost:8000/Woodgrove'/>
????????????????????</baseAddresses>
????????????????</host>
????????????????<endpoint?address="ResourceAccess"
??????????????????????????binding="netTcpBinding"
??????????????????????????contract="Service.IResourceAccessContract"?/>
????????????????<endpoint?address="mex"
??????????????????????????binding="mexHttpBinding"?
??????????????????????????contract="IMetadataExchange"?/>
????????????</service>


????????</services>

????????
????</system.serviceModel>
????
????

????<!--?Role?Provider?Configuration?-->
????<system.web>
????????<roleManager?defaultProvider="AuthorizationStoreRoleProvider"?
?????????????????????enabled="true"
?????????????????????cacheRolesInCookie="true"
?????????????????????cookieName=".ASPROLES"
?????????????????????cookieTimeout="30"
?????????????????????cookiePath="/"
?????????????????????cookieRequireSSL="false"
?????????????????????cookieSlidingExpiration="true"
?????????????????????cookieProtection="All"??>
????????????<providers>
????????????????<clear?/>
????????<add
???????????name="AuthorizationStoreRoleProvider"
???????????type="System.Web.Security.AuthorizationStoreRoleProvider"
???????????connectionStringName="AuthorizationServices"
???????????applicationName="RoleProvider"?/>
????????
????????????</providers>
????????</roleManager>
????</system.web>

????<!--?Connection?Strings?-->
????<connectionStrings>
????????<add?
????????????name="AuthorizationServices"?
connectionString="msxml://D:\documentation\AuthorizationStore.xml"?/>
????</connectionStrings>
????
</configuration>

?

而通過azMan生成的授權(quán)配置 xml文件（該文件路徑：D:\documentation\AuthorizationStore.xml）如下

Code
<?xml?version="1.0"?encoding="utf-8"?>
<AzAdminManager?MajorVersion="1"?MinorVersion="0">
????<AzApplication?Guid="ce0032aa-9b1a-4243-b065-ee654d1ec90d"?Name="RoleProvider"?Description=""?ApplicationVersion=""><AzOperation?Guid="497d2e02-18d4-49d2-b8ef-88bc58828509"?Name="SomeOperation"?Description=""/><AzTask?Guid="c1ca5e81-099b-4ba0-ab94-d3c9ed583b72"?Name="Manager"?Description=""?BizRuleImportedPath=""?RoleDefinition="True"/><AzTask?Guid="a9dfdf2b-fe2a-4573-93e0-28a2e2afe234"?Name="StaffMember"?Description=""?BizRuleImportedPath=""?RoleDefinition="True"/><AzRole?Guid="2381420b-45e9-4c27-9fd5-299e241aa4df"?Name="Manager"><TaskLink>c1ca5e81-099b-4ba0-ab94-d3c9ed583b72</TaskLink><Member>S-1-5-21-2146773085-903363285-719344707-661121</Member></AzRole><AzRole?Guid="36e60ed8-fc70-4b12-9353-95a96e13e431"?Name="StaffMember"><TaskLink>a9dfdf2b-fe2a-4573-93e0-28a2e2afe234</TaskLink><Member>S-1-1-0</Member></AzRole></AzApplication></AzAdminManager>

?

那么，什么是azMan,如何配置？這里推薦一片極好的文章，講解了如何利用azMan對于中間層的.net 應(yīng)用程序?qū)崿F(xiàn)role-based的身份安全驗證機制。

鏈接地址如下:http://msdn.microsoft.com/zh-cn/magazine/cc300469(en-us).aspx

轉(zhuǎn)載于:https://www.cnblogs.com/Winston/archive/2008/12/10/1352127.html

總結(jié)

以上是生活随笔為你收集整理的如何利用azMan (Authorization Manager) 实现 role-based的安全验证机制的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。