我有一个连接到 WCF 服务的 WPF 应用程序。我需要对用户进行身份验证才能调用我的服务的任何方法,但如果您没有帐户,我还需要用户能够注册。
我首先考虑使用 usernamePasswordvaldator 但我找不到一种方法来创建一个不通过我的验证器类的验证方法的注册方法。
然后我看到了 MembershipPovider 但没有找到任何与我的情况相匹配的例子。
问问题
168 次
1 回答
0
You can create a special user in the database. Add this user to a special membership role. This special user can only create new users, it doesn't have any other permissions to the service methods.
You should add a PriciplePermission attirbute on all of your methods, and allow your new role (CreateUserRole) to access just the CreateUser method.
[PrincipalPermission(SecurityAction.Demand, Role = "CreateUserRole")]
public void CreateUser(string username, string password)
All other methods should have different roles:
[PrincipalPermission(SecurityAction.Demand, Role = "ADMINISTRATORS")]
public bool DeleteUser(string username)
so that this special user can only access the CreateUser method.
于 2013-02-01T12:56:54.503 回答