|
Security
|
Represents an authorization policy that can be used by WCF services for enabling role-based security.
Inheritance Hierarchy
Namespace: GSF.ServiceModel
Assembly: GSF.ServiceModel (in GSF.ServiceModel.dll) Version: 2.4.282-beta
Syntaxpublic class SecurityPolicy : IAuthorizationPolicy, IAuthorizationComponent
The SecurityPolicy type exposes the following members.
Constructors| Name | Description | |
|---|---|---|
 | SecurityPolicy | Initializes a new instance of the SecurityPolicy class. |
Properties| Name | Description | |
|---|---|---|
 | Id | Gets the identifier of this SecurityPolicy instance. |
| Issuer | Gets a claim set that represents the issuer of this SecurityPolicy. |
Methods| Name | Description | |
|---|---|---|
| Equals | Determines whether the specified object is equal to the current object. (Inherited from Object) |
| Evaluate | Evaluates the evaluationContext and initializes security. |
 | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object) |
| GetHashCode | Serves as the default hash function. (Inherited from Object) |
| GetResourceName | Gets the name of resource being accessed. |
| GetType | Gets the Type of the current instance. (Inherited from Object) |
| MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object) |
| ToString | Returns a string that represents the current object. (Inherited from Object) |
Extension Methods| Name | Description | |
|---|---|---|
 | GetEnumValueOrDefault |
Gets the enumeration constant for value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
| GetEnumValueOrDefaultT |
Gets the enumeration constant for this value, if defined in the enumeration, or a default value.
(Defined by EnumExtensions) |
Example
Common config file entries:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="categorizedSettings" type="GSF.Configuration.CategorizedSettingsSection, GSF.Core" />
</configSections>
<categorizedSettings>
<securityProvider>
<add name="ApplicationName" value="" description="Name of the application being secured as defined in the backend security datastore."
encrypted="false" />
<add name="ConnectionString" value="" description="Connection string to be used for connection to the backend security datastore."
encrypted="false" />
<add name="ProviderType" value="GSF.Security.LdapSecurityProvider, GSF.Security"
description="The type to be used for enforcing security." encrypted="false" />
<add name="IncludedResources" value="*/*.*=*" description="Semicolon delimited list of resources to be secured along with role names."
encrypted="false" />
<add name="ExcludedResources" value="*/SecurityService.svc*"
description="Semicolon delimited list of resources to be excluded from being secured."
encrypted="false" />
<add name="NotificationSmtpServer" value="localhost" description="SMTP server to be used for sending out email notification messages."
encrypted="false" />
<add name="NotificationSenderEmail" value="sender@company.com" description="Email address of the sender of email notification messages."
encrypted="false" />
</securityProvider>
<activeDirectory>
<add name="PrivilegedDomain" value="" description="Domain of privileged domain user account."
encrypted="false" />
<add name="PrivilegedUserName" value="" description="Username of privileged domain user account."
encrypted="false" />
<add name="PrivilegedPassword" value="" description="Password of privileged domain user account."
encrypted="true" />
</activeDirectory>
</categorizedSettings>
</configuration>
Internal WCF service configuration:
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior">
<endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding"
bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior" />
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="endpointBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" />
</authorizationPolicies>
</serviceAuthorization>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="endpointBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" />
</system.serviceModel>
</configuration>
External WCF service configuration:
<?xml version="1.0"?>
<configuration>
<system.web>
<httpModules>
<add name="SecurityModule" type="GSF.ServiceModel.SecurityModule, GSF.ServiceModel" />
</httpModules>
</system.web>
<system.serviceModel>
<services>
<service name="WcfService1.Service1" behaviorConfiguration="serviceBehavior">
<endpoint address="" contract="WcfService1.IService1" binding="webHttpBinding"
bindingConfiguration="endpointBinding" behaviorConfiguration="endpointBehavior"/>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="endpointBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceAuthorization principalPermissionMode="Custom">
<authorizationPolicies>
<add policyType="GSF.ServiceModel.SecurityPolicy, GSF.ServiceModel" />
</authorizationPolicies>
</serviceAuthorization>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="endpointBinding">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
</system.serviceModel>
</configuration>
See Also