目前我有一项服务使用UserNamePasswordValidator
来验证客户端用户。验证代码如下:WCF UserNamePasswordValidator是否需要检查PrimaryIdentity.IsAuthenticated?
public override void Validate(String userName, String password)
{
if (userName == null) || (password == null)
throw new FaultException("Username and/or password not specified.");
if (userName != "test") && (password != "tset")
throw new FaultException("Invalid username and/or password.");
}
正如您所看到的,当出现错误时,代码将始终引发异常。
现在的问题 - 是否有任何理由我应该检查ServiceSecurityContext.Current.PrimaryIdentity.IsAuthenticated
是否在我的OperationContract
函数中是否属实?例如,
public interface IMyService
{
[OperationContract]
void myOpContract();
}
public class MyService : IMyService
{
public void myOpContract()
{
// Do I really need this conditional statement?
if (ServiceSecurityContext.Current.PrimaryIdentity.IsAuthenticated)
// Proceed as expected
else
// Fail?
}
}
任何帮助将不胜感激。