I have a custom ServiceAuthorizationManager where i override CheckAccess and validate a custom auth token that is part of the URL. After i validate, i set the Thread.CurrentPrincipal with a GenericPrincipal. But when the request finally reaches my service method, Thread.CurrentPrincipal is gone, it is not what i set in the auth manager. What's going wrong?
WCF service authorization manager setting the Thread.CurrentPrincipal
3.6k views Asked by sash At
2
There are 2 answers
0
Phil Degenhardt
On
If you do not wish to use the built-in mechanisms for authorization, WCF requires that the current principal be identified via an IAuthorizationPolicy to be properly integrated in the WCF pipeline. You will need to specify and PrincipalPermissionMode of 'Custom'.
For a detailed introduction see this article: Authorization In WCF-Based Services
Related Questions in WCF
- Migrate ASMX web method to WCF which accepts string array
- Handling WCF enums when client and server have different versions of enum
- Objective tools for monitoring WCF APIs for latency, failures, and breakdowns?
- ASP.NET Core Web api + WCF
- WCF Authentification Android App - Maui WCF Webservice Basic
- WCF to WCFCore - Help Menu
- Problem with hashtag (#) character in httpclient and WCF
- How to add REST API to a .NET Framework Solution with existing WCF Services?
- How to run WCF service in VSCODE
- Adding HTTP Headers using MessageInspector in WCF (VB.NET) Not Working
- The data returned by the WCF service contains special characters, causing an error when the client attempts to receive it!"
- How to configure rest api’s in WCF project , making it hybrid solution
- WCF + PostgresQL. Npqsql connection is not open
- CORS Error that is not fixed with usual solution
- .NET project hosted on IIS is timing out in 5 minutes but works fine on localhost
Related Questions in AUTHORIZATION
- Protect Server Actions with Next Auth in Next JS 14
- Set-Cookie header not forwarded by nginx to the client
- System.InvalidOperationException: The AuthorizationPolicy named: 'Admin' was not found
- Missing render HTML element for login requests from client to server
- How to get different types of authentication in Thymeleaf
- https://accounts.google.com/gsi/client missing 'Access-Control-Allow-Origin' header
- Authorization error with Django on Windows with IIS
- Role based restriction in requestMatchers in Spring Security does not receive sent Authorization header
- How do I get my Python code to pass the authorization needed for it to connect to Notion
- Integrating Okta via a Authorization Filter
- Verify Token To Login In Firebase (Aauthorization)
- When hashing an API key, should I hash the suffix / prefix as well?
- How can I implement synchronous registration on a website and a forum by linking their databases?
- Need to addlocal repo authorization to existing yaml file
- dropbox api video share_url authorization error
Related Questions in AUTHENTICATION
- Authenticate Flask rest API
- Sends a personalised error message from the back-end to the front-end with Nuxt-auth
- How to connect Spotify PKCE Authorization Boilerplate to Login-Button in React
- Laravel SPA auth with Sanctum
- _supabaseClient__WEBPACK_IMPORTED_MODULE_1__.supabase.auth.signIn is not a function
- My openID Authentication return 'You must have either https wrappers or curl enabled.'
- How to detect the Minimization of Custom Chrome Tabs on Android?
- Wordpress redirect to homepage after successfully logged in
- How to modify the prebuilt UI of authentication in aws amplify version 6 in React Native
- Creating a login system for my website, navlist not working?
- Receiving 400 bad request on post when customer auth handler is used
- Creating Azure B2B login system with Vue.js frontend & Python Django backend
- Gradio chatbot: how to export individual conversation histories?
- Set-Cookie header not forwarded by nginx to the client
- git asking for authentication when auth.json is present while running composer update
Related Questions in PRINCIPAL
- SpringBoot Injected Principal not null but SecurityContextHolder.getContext().getAuthentication() always null - Websocket
- How to mock a Principal object?
- Ktor OAuth, cant set User session when I have token
- KernelPCA explained variance is (99-100)% for all the features of the dataset
- I have 5 folders (each contain about 200 RGB images), I want to use "Principal Component Analysis" for image classification
- Principle Component Analysis, add a line to the 3d graph showing the first principal component
- How to change the role of a user in CustomUserDetails?
- How to update user data in Principal when changing his login?
- How to define custom principal class in Elytron WildFly 26.1?
- Can I access the current user in session statically in Quarkus?
- How to access java.security.Principal attributes inside Spring Boot controller?
- Is there a way of translating the importance of each feature into the observations in PCA?
- PCA with library psych, how to plot?
- How do I hide the "Cloudcommons" field for a specific group in the Hybris Backoffice search tree
- How to get Claims Principal in Azure Function running Node?
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
I got around this by setting principalPermissionMode="None" in the service behavior where i register the service auth manager. This is supposed to tell the wcf runtime not to put any principal in the current thread. If you set it to "custom", it overwrites whatever principal you set using a GenericPrincipal.