First of all I apologize for my english... As I wrote in title I need to secure my WCF Service. I always used message security mode using ClientCredentialType="Certificate", checking in this way:
<serviceCertificate findValue="cn=abc" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName"/>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust"/>
</clientCertificate>
This configuration worked well, but now I need to assign different privileges to the authenticated clients, I need Authorization in other words. Any idea? Thanks, Alberto
Sounds like you're after Roles. Check out this Codeplex Chapter and the Authorization section of the Codeplex WCF Security Guidelines. It provides plenty of details of different scenarios and I found it very useful when setting up WCF services.
来源:https://stackoverflow.com/questions/949026/wcf-service-security-for-authentication-and-authorization