1

I have defined a custom OperationSelector that implements IDispatchOperationSelector so that I can intercept the message from the client prior to executing the method. I am doing this so I can check public/private key values included in the message, and throw an Authorization fault if needed without putting any auth logic in my services.

This all works fine thus far, but I would like to specify a [AuthenticationType] attribute for each service operation, that I can check i this OperationSelector. Is there anyway I can reference, or find the corresponding conctract and operation in the OperationSelector? If so, how?

TheJediCowboy
  • 8,924
  • 28
  • 136
  • 208

1 Answers1

1

I would recommend mixing both a MessageInspector applied to the whole contract, and then creating an OperationBehavior that will register the operation name on the underlying MessageInspector.

Similar to what is shown here: http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/bcd94cf9-2881-4081-a05b-771a6e6f9c06/ (Carlos Figueira's answer)

That way, your message inspector will end up with a list of all registered operations with the attribute, and the inspector can identify which require validation and which don't.

Pablo Romeo
  • 11,298
  • 2
  • 30
  • 58
  • I had a MessageInspector originally, but do I have the ability to find the operation in the MessageInspector, and conditionally stop execution if authentication fails? – TheJediCowboy Feb 04 '13 at 15:41
  • Additionally, in the MessageInspector, do I know the target operation? – TheJediCowboy Feb 04 '13 at 16:13
  • I haven't tried it myself, and it's not very pretty, but it seems to be quite possible: http://stackoverflow.com/a/2477201/1373170 – Pablo Romeo Feb 04 '13 at 20:32