Click here to Skip to main content
Click here to Skip to main content
Add your own
alternative version

Tagged as

Go to top

WCF REST 4.0 Authorization with Form Based Authentication (SetAuthCookie)

, 19 Mar 2013
How to create custom authorization policy and return HTTPContext Identity for authorization.
//http://www.codeproject.com/KB/WCF/Custom_Authorization_WCF.aspx#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Security.Principal;
using System.IdentityModel.Policy;

namespace WcfRestService2
{
    public class CustomPrincipal: IPrincipal
    {
        private IIdentity _identity;
        public IIdentity Identity
        {
            get
            {
                return _identity;
            }
        }

        public CustomPrincipal(IIdentity identity)
        {
            _identity = identity;
           
        }

        public bool IsInRole(string role)
        {
            return Roles.IsUserInRole(role);
        }
    }

    public class AuthorizationPolicy : IAuthorizationPolicy
    {
        string id = Guid.NewGuid().ToString();

        public string Id
        {
            get { return this.id; }
        }

        public System.IdentityModel.Claims.ClaimSet Issuer
        {
            get { return System.IdentityModel.Claims.ClaimSet.System; }
        }

        // this method gets called after the authentication stage
        public bool Evaluate(EvaluationContext evaluationContext, ref object state)
        {
            // get the authenticated client identity
            IIdentity client = HttpContext.Current.User.Identity; //GetClientIdentity(evaluationContext);

            // set the custom principal
            evaluationContext.Properties["Principal"] = new CustomPrincipal(client);

            return true;
        }

        //private IIdentity GetClientIdentity(EvaluationContext evaluationContext)
        //{
        //    object obj;
        //    if (!evaluationContext.Properties.TryGetValue("Identities", out obj))
        //        throw new Exception("No Identity found");

        //    IList<IIdentity> identities = obj as IList<IIdentity>;
        //    if (identities == null || identities.Count <= 0)
        //        throw new Exception("No Identity found");

        //    return identities[0];
        //}


       
    } 
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

Anupama_Agarwal
Architect
India India
I work as a freelance consultant and is passionate about taking challenges in latest technology.
I am a solution architect and trainer with 9+ years experience in designing, developing and maintaining enterprise wide application using latest technology like SharePoint 2010, MOSS 2007, Business Intelligence, SQL Server 2008, Reporting Service, Analysis Service and Integration service.

| Advertise | Privacy | Mobile
Web01 | 2.8.140916.1 | Last Updated 19 Mar 2013
Article Copyright 2011 by Anupama_Agarwal
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid