我刚开始将WCF服务与ASP.NET AJAX结合使用.我从Javascript实例化WCF服务,然后将字符串变量作为参数传递给WCF Service方法(带有OperationContract签名).然后,我返回绑定到我的自定义Javascript类的.NET对象(使用DataContract定义).我无法根据登录到我的Web会话中的用户进行身份验证.但是,WCF Web服务是完全不同的服务,没有HttpContext.Current对象的上下文.访问该对象的最安全方法是什么?
I just started using WCF Services with ASP.NET AJAX. I instantiate my WCF service from Javascript and then pass string variables as arguments to my WCF Service method (with an OperationContract signature). I then return a .NET object (defined with a DataContract) which is bound to my custom Javascript class. I'm having trouble authenticating based on the user logged into my web session. However, the WCF web service is a completely different service with no context to the HttpContext.Current object. What is the most secure way to get access to that object?
推荐答案您可以通过启用AspNetCompatibility(最好通过配置)来访问HttpContext.Current:
You can get access to HttpContext.Current by enabling AspNetCompatibility, preferably via configuration:
<configuration> <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/> </system.serviceModel> </configuration>这反过来又使您可以访问当前用户:HttpContext.Current.User-这是您所追求的,对吗?
That in turn allows you to get access to the current user: HttpContext.Current.User - which is what you're after, right?
您甚至可以通过使用其他属性装饰服务类来强制实施AspNetCompatibility:
You can even enforce AspNetCompatibility by decorating your service class with an additional attribute:
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)](在System.ServiceModel.Activation名称空间中.) 如果该属性到位,除非启用AspNetCompatibility,否则您的服务将无法启动!
(In the System.ServiceModel.Activation namespace.) If that attribute is in place, your service will fail to start unless AspNetCompatibility is enabled!
更多推荐
从WCF Web服务访问HttpContext.Current
发布评论