Compared with Windows authenticationProgramThe app is more about user-defined identity authentication.
1. perform authentication in the WCF Service
Code
Public Class Odatabaseservice < T > : Dataservice < T > // , Iserviceprovider
{
Public Odatabaseservice ()
{
This . Processingpipeline. processingrequest + = New Eventhandler < Dataserviceprocessingpipelineeventargs > (Processingpipeline_processingrequest );
}
Void Processingpipeline_processingrequest ( Object Sender, dataserviceprocessingpipelineeventargs E)
{
If (Authenticate (httpcontext. Current )) // Here, we use HTTP header or other HTTP request content to determine the user and permissions.
Throw New Dataserviceexception ( 401 , " 401 unauthorized " );
}
Here I still have some questions. For example, the client data is unstructured, although the method name column has everything,
However, you need to implement your own analysis.CodeIt is always troublesome to determine what permissions the customer accesses (for example, what tables and columns ).
I hope there will be official Microsoft implementations or third-party implementations (I have not found them yet)
2. Use httpmodule for verification.
In fact, the implementation of this method is the same as that in WCF... it's just a different place.
3. oauth wrap