none
ServiceAuthorizationManager is not working in web.config RRS feed

  • Question

  • can someone tell me why I never reach a breakpoint in this checkaccesscore :
        public class SecurityGroupAuthorization : ServiceAuthorizationManager
        {

            protected override bool CheckAccessCore(OperationContext operationContext)
            {
                return base.CheckAccessCore(operationContext); <--cannot reach breakpoint ?
            }

    The web.config looks like this:
      <system.serviceModel>
        <services>
          <service name="WCFService"    behaviorConfiguration="secure"  >
            <endpoint binding="netTcpBinding" contract="XXXService" />
            <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>
          </service>
        </services>

        <behaviors>
          <serviceBehaviors>
            <behavior name="secure">
              <serviceAuthorization serviceAuthorizationManagerType="NAMESPACE.SecurityGroupAuthorization,Assembly" />
              <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
              <serviceMetadata policyVersion="Policy15" />
              <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
              <serviceDebug includeExceptionDetailInFaults="true" />

    Thursday, October 9, 2014 6:28 PM

Answers

  • Hi peter clift,

    The following article has told the detailed information about the Service Authorization Manager, please try to check that if you have done something wrong:
    #WCF Security - Service Authorization Manager:
    http://www.shujaat.net/2013/03/wcf-security-service-authorization.html .

    Best Regards,
    Amy Peng

    This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, October 10, 2014 5:12 AM
    Moderator
  • Hi peter clift,

    Please try to download the project(https://onedrive.live.com/?cid=6f3051ef13f3137e&id=6F3051EF13F3137E%21250&authkey=!AGR0xN70ohW8YVc) which is written by Muammad. And I have tested in my side, it works very well.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, October 20, 2014 5:58 AM
    Moderator

All replies

  • Hi peter clift,

    The following article has told the detailed information about the Service Authorization Manager, please try to check that if you have done something wrong:
    #WCF Security - Service Authorization Manager:
    http://www.shujaat.net/2013/03/wcf-security-service-authorization.html .

    Best Regards,
    Amy Peng

    This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, October 10, 2014 5:12 AM
    Moderator
  •  

    Yes, I read Muammad's article and followed it closely,  but I still can't get the CheckAccessCore() to be called.

    I'm assuming it's a wcf setting I am missing, (maybe on the client)?

    Thanks,Peter

    Friday, October 10, 2014 5:00 PM
  • Hi peter clift,

    Please try to download the project(https://onedrive.live.com/?cid=6f3051ef13f3137e&id=6F3051EF13F3137E%21250&authkey=!AGR0xN70ohW8YVc) which is written by Muammad. And I have tested in my side, it works very well.

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, October 20, 2014 5:58 AM
    Moderator