Geek Answers Handbook

Why doesn't my IAuthorizationPolicy set Thread.CurrentPrincipal with my CustomPrincipal?

For my WCF services, I implemented IAuthorizationPolicy and connected it (and I can confirm that it is being used).

In the Evaluate () method, I configure the user principle as follows:

evaluationContext.Properties["Principal"] = myCustomPrincipal;

However, when calling the Thread.CurrentPrincipal service is GenericPrincipal!

My service behavior is configured as follows:

<serviceAuthorization principalPermissionMode="Custom">
    <authorizationPolicies>
        <add policyType="MyNamespace.MyPrincipalAuthorizationPolicy, MyProject, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
    </authorizationPolicies>
</serviceAuthorization>

I tried to use a reflector to see what was happening, but I didn’t see anything.

Am I doing it wrong? Is there some kind of configuration that I am missing?

+5
source share
1 answer

, . , .

, , IInstanceProvider ( ). -, . , .

, , .

, , IAuthorizationPolicy - , OperationContext.Current.

public object GetInstance(InstanceContext instanceContext, Message message)
{
    var principal =
        OperationContext.Current.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] 
            as MyPrincipal;
    if (principal != null)
        Thread.CurrentPrincipal = principal;
    return ObjectFactory.GetInstance(_serviceType);
}

, , .

+5

More articles:


All Articles