|
Security
|
Represents an authorization policy that can be used by WCF services for enabling role-based security.
Inheritance Hierarchy
Namespace: GSF.ServiceModel
Assembly: GSF.ServiceModel (in GSF.ServiceModel.dll) Version: 2.4.257-beta
SyntaxThe SecurityPolicy type exposes the following members.
Constructors| Name | Description | |
|---|---|---|
 | SecurityPolicy | Initializes a new instance of the SecurityPolicy class. |
Properties| Name | Description | |
|---|---|---|
 | Id | Gets the identifier of this SecurityPolicy instance. |
| Issuer | Gets a claim set that represents the issuer of this SecurityPolicy. |
Methods| Name | Description | |
|---|---|---|
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object) |
| Evaluate | Evaluates the evaluationContext and initializes security. |
 | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object) |
| GetHashCode | Serves as the default hash function. (Inherited from Object) |
| GetResourceName | Gets the name of resource being accessed. |
| GetType | Gets the Type of the current instance. (Inherited from Object) |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object) |
| ToString | Returns a string that represents the current object. (Inherited from Object) |
Extension Methods| Name | Description | |
|---|---|---|
 | GetEnumValueOrDefault |
Gets the enumeration constant for value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
| GetEnumValueOrDefaultT |
Gets the enumeration constant for this value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
Example
Common config file entries:
Internal WCF service configuration:
External WCF service configuration:
C#
<?xml version="1.0"?> <configuration> <configSections> <section name="categorizedSettings" type="GSF.Configuration.CategorizedSettingsSection, GSF.Core" /> </configSections> <categorizedSettings> <securityProvider> <add name="ApplicationName" value="" description="Name of the application being secured as defined in the backend security datastore." encrypted="false" /> <add name="ConnectionString" value="" description="Connection string to be used for connection to the backend security datastore." encrypted="false" /> <add name="ProviderType" value="GSF.Security.LdapSecurityProvider, GSF.Security" description="The type to be used for enforcing security." encrypted="false" /> <add name="IncludedResources" value="*/*.*=*" description="Semicolon delimited list of resources to be secured along with role names." encrypted="false" /> <add name="ExcludedResources" value="*/SecurityService.svc*" description="Semicolon delimited list of resources to be excluded from being secured." encrypted="false" /> <add name="NotificationSmtpServer" value="localhost" description="SMTP server to be used for sending out email notification messages." encrypted="false" /> <add name="NotificationSenderEmail" value="sender@company.com" description="Email address of the sender of email notification messages." encrypted="false" /> </securityProvider> <activeDirectory> <add name="PrivilegedDomain" value="" description="Domain of privileged domain user account." encrypted="false" /> <add name="PrivilegedUserName" value="" description="Username of privileged domain user account." encrypted="false" /> <add name="PrivilegedPassword" value="" description="Password of privileged domain user account." encrypted="true" /> </activeDirectory> </categorizedSettings> </configuration>
C#
<?xml version="1.0"?> <configuration> <system.serviceModel> <services> <service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior"> <endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding" bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior" /> </service> </services> <behaviors> <endpointBehaviors> <behavior name="endpointBehavior"> <webHttp/> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="serviceBehavior"> <serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" /> </authorizationPolicies> </serviceAuthorization> </behavior> </serviceBehaviors> </behaviors> <bindings> <webHttpBinding> <binding name="endpointBinding"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Windows"/> </security> </binding> </webHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="false" /> </system.serviceModel> </configuration>
C#
<?xml version="1.0"?> <configuration> <system.web> <httpModules> <add name="SecurityModule" type="GSF.ServiceModel.SecurityModule, GSF.ServiceModel" /> </httpModules> </system.web> <system.serviceModel> <services> <service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior"> <endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding" bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior"/> </service> </services> <behaviors> <endpointBehaviors> <behavior name="endpointBehavior"> <webHttp/> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="serviceBehavior"> <serviceAuthorization principalPermissionMode="Custom"> <authorizationPolicies> <add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" /> </authorizationPolicies> </serviceAuthorization> </behavior> </serviceBehaviors> </behaviors> <bindings> <webHttpBinding> <binding name="endpointBinding"> <security mode="None" /> </binding> </webHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> </system.serviceModel> </configuration>
See Also