我刚开始在 ASP.NET AJAX 中使用 WCF 服务.我从 Javascript 实例化我的 WCF 服务,然后将字符串变量作为参数传递给我的 WCF 服务方法(带有 OperationContract 签名).然后我返回一个绑定到我的自定义 Javascript 类的 .NET 对象(用 DataContract 定义).我无法根据登录到我的 Web 会话的用户进行身份验证.但是,WCF Web 服务是一个完全不同的服务,没有 HttpContext.Current 对象的上下文.访问该对象的最安全方法是什么?
解决方案您可以通过启用 AspNetCompatibility 来访问 HttpContext.Current,最好通过配置:
<system.serviceModel><serviceHostingEnvironment aspNetCompatibilityEnabled="true"/></system.serviceModel></配置>这反过来又允许您访问当前用户:HttpContext.Current.User - 这就是您所追求的,对吧?
您甚至可以通过使用附加属性装饰您的服务类来强制执行 AspNetCompatibility:
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)](在 System.ServiceModel.Activation 命名空间中.)如果该属性到位,除非启用 AspNetCompatibility,否则您的服务将无法启动!
I just started using WCF Services with ASP.NET AJAX. I instantiate my WCF service from Javascript and then pass string variables as arguments to my WCF Service method (with an OperationContract signature). I then return a .NET object (defined with a DataContract) which is bound to my custom Javascript class. I'm having trouble authenticating based on the user logged into my web session. However, the WCF web service is a completely different service with no context to the HttpContext.Current object. What is the most secure way to get access to that object?
解决方案You can get access to HttpContext.Current by enabling AspNetCompatibility, preferably via configuration:
<configuration> <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/> </system.serviceModel> </configuration>That in turn allows you to get access to the current user: HttpContext.Current.User - which is what you're after, right?
You can even enforce AspNetCompatibility by decorating your service class with an additional attribute:
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)](In the System.ServiceModel.Activation namespace.) If that attribute is in place, your service will fail to start unless AspNetCompatibility is enabled!
更多推荐
从 WCF Web 服务访问 HttpContext.Current
发布评论