问题
First of all I apologize for my english... As I wrote in title I need to secure my WCF Service. I always used message security mode using ClientCredentialType="Certificate", checking in this way:
<serviceCertificate findValue="cn=abc" storeLocation="LocalMachine" storeName="TrustedPeople" x509FindType="FindBySubjectDistinguishedName"/>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust"/>
</clientCertificate>
This configuration worked well, but now I need to assign different privileges to the authenticated clients, I need Authorization in other words. Any idea? Thanks, Alberto
回答1:
Sounds like you're after Roles. Check out this Codeplex Chapter and the Authorization section of the Codeplex WCF Security Guidelines. It provides plenty of details of different scenarios and I found it very useful when setting up WCF services.
来源:https://stackoverflow.com/questions/949026/wcf-service-security-for-authentication-and-authorization