<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="True" />
<serviceDebug includeExceptionDetailInFaults="True" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="blah" />
Blah will have to
implement IAuthorizationPolicy
Issuer can be disregarded thus:
public
System.IdentityModel.Claims.ClaimSet Issuer
{
get
{ throw new NotImplementedException(); }
}
But at least evaluate should be implemented
public bool Evaluate(EvaluationContext
evaluationContext, ref object
state)
{
At this point you can add information to the authorization
policy thus
evaluationContext.Properties["Principal"] = new
ReportingPrincipal(identity);
later this information can be derived thus
var
principal = ServiceSecurityContext.Current.AuthorizationContext.Properties["Principal"] as
ReportingPrincipal;
No comments:
Post a Comment