C# 添加[PrincipalPermission(SecurityAction.Demand,Role=";ADMIN";)时,对象引用未设置为对象的实例
我有一个服务方法C# 添加[PrincipalPermission(SecurityAction.Demand,Role=";ADMIN";)时,对象引用未设置为对象的实例,c#,wcf,wcf-security,C#,Wcf,Wcf Security,我有一个服务方法 [PrincipalPermission(SecurityAction.Demand, Role = "ADMIN")] public UserInfo GetUserInfo(string login, string password) { logger.Debug("Getting User Info"); return new UserInfo() {Balance = 100, UserName = "User1"}; } 当我添加
[PrincipalPermission(SecurityAction.Demand, Role = "ADMIN")]
public UserInfo GetUserInfo(string login, string password)
{
logger.Debug("Getting User Info");
return new UserInfo() {Balance = 100, UserName = "User1"};
}
当我添加[PrincipalPermission(SecurityAction.Demand,Role=“ADMIN”)]
时,我开始获得未设置为对象实例的对象引用
项目中使用的代码:
public class AuthorizationPolicy: IAuthorizationPolicy
{
Guid _id = Guid.NewGuid();
private static Logger logger = LogManager.GetCurrentClassLogger();
// this method gets called after the authentication stage
public bool Evaluate(EvaluationContext evaluationContext, ref object state)
{
logger.Debug("Evaluate");
// get the authenticated client identity
IIdentity client = GetClientIdentity(evaluationContext);
// set the custom principal
evaluationContext.Properties["Principal"] = new CustomPrincipal(client);
logger.Debug("Evaluate end");
return true;
}
public ClaimSet Issuer { get; private set; }
private IIdentity GetClientIdentity(EvaluationContext evaluationContext)
{
logger.Debug("GetClientIdentity");
object obj;
if (!evaluationContext.Properties.TryGetValue("Identities", out obj))
throw new Exception("No Identity found");
IList<IIdentity> identities = obj as IList<IIdentity>;
if (identities == null || identities.Count <= 0)
throw new Exception("No Identity found");
logger.Debug("GetClientIdentity end");
return identities[0];
}
public string Id { get { return _id.ToString(); }
private set { }
}
更新
跟踪文件包含:
2014-02-27 18:48:35.2164|DEBUG|Beleke.Security.AuthorizationPolicy|Evaluate
2014-02-27 18:48:35.2164|DEBUG|Beleke.Security.AuthorizationPolicy|GetClientIdentity
2014-02-27 18:48:35.2164|DEBUG|Beleke.Security.AuthorizationPolicy|GetClientIdentity end
2014-02-27 18:48:35.2164|DEBUG|Beleke.Security.AuthorizationPolicy|Evaluate end
2014-02-27 18:48:35.2164|DEBUG|Beleke.BelekeService|Changing balance
2014-02-27 18:48:35.2694|DEBUG|Beleke.Security.AuthorizationPolicy|Evaluate
2014-02-27 18:48:35.2694|DEBUG|Beleke.Security.AuthorizationPolicy|GetClientIdentity
2014-02-27 18:48:35.2694|DEBUG|Beleke.Security.AuthorizationPolicy|GetClientIdentity end
2014-02-27 18:48:35.2694|DEBUG|Beleke.Security.AuthorizationPolicy|Evaluate end
这是服务器端跟踪
at System.Security.Permissions.PrincipalPermission.Demand()
at System.Security.PermissionSet.DemandNonCAS()
at Beleke.BelekeService.GetUserInfo(String login, String password) in d:\beleke\branches\master\BelekeService\App_Code\BelekeService.cs:line 29
at SyncInvokeGetUserInfo(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
根据我的评论:
我在PrincipalPermission.Demand()中查看了未编译的代码
唯一可能为空的是您的IPrincipal.Identity
看起来你在用“CustomPrincipal”。。。您确定它的Identity属性没有返回null吗
奖金
未编译代码:
public void Demand()
{
new SecurityPermission(SecurityPermissionFlag.ControlPrincipal).Assert();
IPrincipal currentPrincipal = Thread.CurrentPrincipal;
if (currentPrincipal == null)
this.ThrowSecurityException();
if (this.m_array == null)
return;
int length = this.m_array.Length;
bool flag = false;
for (int index = 0; index < length; ++index)
{
if (this.m_array[index].m_authenticated)
{
IIdentity identity = currentPrincipal.Identity;
if (identity.IsAuthenticated && (this.m_array[index].m_id == null || string.Compare(identity.Name, this.m_array[index].m_id, StringComparison.OrdinalIgnoreCase) == 0))
{
if (this.m_array[index].m_role == null)
{
flag = true;
}
else
{
WindowsPrincipal windowsPrincipal = currentPrincipal as WindowsPrincipal;
flag = windowsPrincipal == null || !(this.m_array[index].Sid != (SecurityIdentifier) null) ? currentPrincipal.IsInRole(this.m_array[index].m_role) : windowsPrincipal.IsInRole(this.m_array[index].Sid);
}
if (flag)
break;
}
}
else
{
flag = true;
break;
}
}
if (flag)
return;
this.ThrowSecurityException();
}
public void Demand()
{
新的SecurityPermission(SecurityPermissionFlag.ControlPrincipal.Assert();
IPrincipal currentPrincipal=Thread.currentPrincipal;
if(currentPrincipal==null)
this.ThrowSecurityException();
if(this.m_数组==null)
返回;
int length=this.m_array.length;
布尔标志=假;
对于(int-index=0;index
您提供的stacktrace就是您的异常被客户端重新调用的堆栈跟踪。NullReferenceException不会发生在那里,而是发生在代码服务器端。你能把你的VS连接到你的IIS进程,或者任何托管你的服务器的exe吗?既然你正在登录,也许也会给我们看那些日志?BelekeService.cs:line 29
你能给我们看这行吗?[PrincipalPermission(SecurityAction.Demand,Role=“ADMIN”)]public UserInfo GetUserInfo(string login,string password){
该死,我无法正确设置评论格式。但是第29行是开场白,我还不能授予奖金-因此需要等待。所以,现在我又遇到了另一个问题。我的\u identity.Name
包含windows用户名,而不是通过proxy.ClientCredentials.username=“test”设置的凭据
知道为什么会发生这种情况吗?_identity在哪里?它是如何分配的?@Oliver,啊,我以为我已经发布了那个部分了……所以,有公共bool Evaluate(EvaluationContext EvaluationContext,ref object state)
part,我在这里收到的evaluationContext包含Windows用户名。不知道:/I猜问题是客户端…尝试在Username setter中设置断点?(不是您的代码,因此:Debug->New breakpoint->Break at function:UserNamePasswordClientCredential.set\u Username)解决了它-配置错误。我添加了绑定,但在“bindingConfiguration”标记中没有提到绑定的名称。
at System.Security.Permissions.PrincipalPermission.Demand()
at System.Security.PermissionSet.DemandNonCAS()
at Beleke.BelekeService.GetUserInfo(String login, String password) in d:\beleke\branches\master\BelekeService\App_Code\BelekeService.cs:line 29
at SyncInvokeGetUserInfo(Object , Object[] , Object[] )
at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]& outputs)
at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)
public void Demand()
{
new SecurityPermission(SecurityPermissionFlag.ControlPrincipal).Assert();
IPrincipal currentPrincipal = Thread.CurrentPrincipal;
if (currentPrincipal == null)
this.ThrowSecurityException();
if (this.m_array == null)
return;
int length = this.m_array.Length;
bool flag = false;
for (int index = 0; index < length; ++index)
{
if (this.m_array[index].m_authenticated)
{
IIdentity identity = currentPrincipal.Identity;
if (identity.IsAuthenticated && (this.m_array[index].m_id == null || string.Compare(identity.Name, this.m_array[index].m_id, StringComparison.OrdinalIgnoreCase) == 0))
{
if (this.m_array[index].m_role == null)
{
flag = true;
}
else
{
WindowsPrincipal windowsPrincipal = currentPrincipal as WindowsPrincipal;
flag = windowsPrincipal == null || !(this.m_array[index].Sid != (SecurityIdentifier) null) ? currentPrincipal.IsInRole(this.m_array[index].m_role) : windowsPrincipal.IsInRole(this.m_array[index].Sid);
}
if (flag)
break;
}
}
else
{
flag = true;
break;
}
}
if (flag)
return;
this.ThrowSecurityException();
}