I have a WCF service where I use a custom UserNamePasswordValidator to validate a user.
public override void Validate(string userName, string password) { LoginHelper loginHelper = new LoginHelper(); loginHelper.ValidateUserRegularLogin(userName, password); }
When this is done, IAuthorizationPolicy.Evaluate is launched, and it is here that I set the principal to the user user context as follows:
evaluationContext.Properties["Principal"] = userContext;
The problem is that I need 2 things to get the correct custom text, and that is the username and value from the header.
I know that I can use messageinspector to get the header data as follows:
public object AfterReceiveRequest(ref System.ServiceModel.Channels.Message request, IClientChannel channel, InstanceContext instanceContext) { IntegrationHeader integrationHeader; LoginHandler loginHandler; UserContextOnService userContext = null; if (request.Headers.Action == null || request.Headers.Action.ToString().Length < 1) return null; foreach (var header in request.Headers) { if (header.Namespace == "ns" && header.Name == "SecurityToken") { return null; } } throw new SecurityTokenException("Unknown username or invalid password"); }
But I need to get this information in the Evaluate method so that I can make the correct login (assignment of a principal). Is it possible? And if so, how? Which alternative?
PS. This will be done by calling, so no specific login method can be used.
It is decided:
I ended up with this:
integrationHeader = OperationContext.Current.IncomingMessageHeaders.GetHeader<IntegrationCertificateHeader>(header.Name, header.Namespace);
source share