我目前正在开发自己的 AuthorizationManager,它看起来像这样:
public class MyAuthorizationManager : ServiceAuthorizationManager
{
static bool initialize = false;
public override bool CheckAccess(OperationContext operationContext)
{
ServiceSecurityContext context = ServiceSecurityContext.Current;
string[] roles = Roles.GetRolesForUser(operationContext.ServiceSecurityContext.PrimaryIdentity.Name);
return roles.Count() > 0;
}
public override bool CheckAccess(OperationContext operationContext, ref System.ServiceModel.Channels.Message message)
{
MessageBuffer buffer = operationContext.RequestContext.RequestMessage.CreateBufferedCopy(int.MaxValue);
message = buffer.CreateMessage();
Console.WriteLine(message);
return base.CheckAccess(operationContext, ref message);
}
}
我想根据服务合同参数执行授权检查,例如,如果合同看起来像:
[ServiceContract]
public interface IServerContract
{
[OperationContract]
[ServiceKnownType(typeof(ChildTypeOne))]
[ServiceKnownType(typeof(ChildTypeTwo))]
string SecuredMessage(ParentType incoming);
}
我的目标是根据类型进行授权,例如,如果传入日期是 ChildTypeOne 则进行授权,如果是 ChildTypeTwo 则拒绝。
我检查了“消息”,它看起来像:
- 必须解密
- 似乎高度依赖绑定
有没有简单的方法来简单地获取参数类型?