1 
<system.web>
    <compilation debug="true"
                 targetFramework="4.0" />
    <httpRuntime requestPathInvalidCharacters="" />
    <authentication mode="Forms" />
    <membership defaultProvider=">
        <providers>
            <clear />
                <add name="ANSMP"
                     type="Test.Authentication.CustomMembershipProvider"
                     connectionStringName="DataConnection" />
         </providers>
    </membership>
    <roleManager enabled="true"
                 defaultProvider="ANSRP">
        <providers >
            <clear />       
                <add connectionStringName="DataConnection"
                     applicationName="/"
                     name="ANSRP"
                     type="Test.Authentication.CustomRoleProvider" />
        </providers>
    </roleManager>
</system.web>
<system.serviceModel>
    <behaviours>
        <serviceBehaviors>
            <behavior name="TestDataBehaviour">
                <serviceCredentials>
                    <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
                                            membershipProviderName="ANSMP"/>
                </serviceCredentials>
                <serviceMetadata httpGetEnabled="true"
                                 httpsGetEnabled="true" />
                <serviceAuthorization principalPermissionMode="UseAspNetRoles"
                                      roleProviderName="ANSRP" />
                <dataContractSerializer ignoreExtensionDataObject="true" />
                <serviceDebug httpHelpPageBinding="webHttpBinding"
                              httpHelpPageBindingConfiguration=""
                              includeExceptionDetailInFaults="true" />
            </behavior>
        </serviceBehaviour>
    </behaviors>
</system.serviceModel>

假设我将自定义成员资格提供者和自定义角色提供者留空(Asin,所有方法throw NotImplementedException);当我尝试使用[PrinciplePermission(SecurityAction.Demand, Role = "Custom")]或检查角色时,我预计会出现错误var b = Thread.CurrentPrincipal.IsInRole("Custom")]

然而,它只是不断返回Access is denied(在属性上)和false在场上。

UsingMembership.GetAllUsers()实际上确实给了我一个NotImplementedError.. 但是我如何确保当我使用 PrincipalPermission 属性时它会触发我的自定义角色提供程序和我的自定义成员资格提供程序?

编辑

我已经尝试添加, Test.Authentication到会员提供者的类型以及角色提供者......

但是目前 PrinciplePermission 告诉我Request for principal permission failed

编辑 2

检查我的跟踪日志时,我发现以下内容:

The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.PrincipalPermission
The first permission that failed was:
<IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<Identity Authenticated="true"
Role="Customer"/>
</IPermission>

The demand was for:
<IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<Identity Authenticated="true"
Role="Customer"/>
</IPermission>

The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

我也收到了一些Extension type not found警告

<TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning">
    <TraceIdentifier>http://msdn.microsoft.com/nl-NL/library/System.ServiceModel.ExtensionTypeNotFound.aspx</TraceIdentifier>
    <Description>Extension type not found.</Description>
    <AppDomain>/LM/W3SVC/1/ROOT/webapi3-6-130082517071825580</AppDomain>
    <ExtendedData xmlns="http://schemas.microsoft.com/2006/08/ServiceModel/DictionaryTraceRecord">
        <ExtensionName>pollingDuplexHttpBinding</ExtensionName>
        <ExtensionType>System.ServiceModel.Configuration.PollingDuplexHttpBindingCollectionElement, System.ServiceModel.PollingDuplex, version=3.0.0.0, Culture=neutral</ExtensionType>
    </ExtendedData>
</TraceRecord>
4

1 回答 1

0

经过很长时间,我发现上面显示的每个人都正确地工作

在客户端,当您创建服务引用时,会生成 2 个端点(在我们的例子中。我不知道这是否是标准的)。一个是安全的,一个是.. 好吧,不是安全的。

为了使用令牌,我一直使用非安全令牌......但为了使用会员提供者、角色提供者和用户名密码验证,我需要使用安全端点!

于 2013-03-21T13:17:29.683 回答