我的CustomAuthorizationPolicy.Evaluate()方法永远不会触发
我创建了一个带有自定义授权和身份validation的wcf服务,如您所见:
public class AuthorizationPolicy : IAuthorizationPolicy { string id = Guid.NewGuid().ToString(); public string Id { get { return this.id; } } public System.IdentityModel.Claims.ClaimSet Issuer { get { return System.IdentityModel.Claims.ClaimSet.System; } } // this method gets called after the authentication stage public bool Evaluate(EvaluationContext evaluationContext, ref object state) { // get the authenticated client identity IIdentity client = HttpContext.Current.User.Identity; // set the custom principal evaluationContext.Properties["Principal"] = new CustomPrincipal(client); System.IO.File.WriteAllText(@"d:\a.txt", client.Name); return true; } } public class CustomPrincipal : IPrincipal { private IIdentity _identity; public IIdentity Identity { get { return _identity; } } public CustomPrincipal(IIdentity identity) { System.IO.File.WriteAllText(@"d:\a.txt", identity.Name); _identity = identity; } public bool IsInRole(string role) { System.IO.File.WriteAllText(@"d:\a.txt", role); return false; } } 使用此webconfig:
和
和
[OperationContract] [PrincipalPermission(SecurityAction.Demand, Role = "Admin")] [WebInvoke(Method = "GET", UriTemplate = "/Data/{data}")] string GetData(string data);
但我的评估function从未解雇过。 为什么?