I am beginning a project that will have three layers to it: a web front-end, a mobile front-end and WCF back-end. Authentication needs to be done via Active Directory, but both web front-ends will be using forms authentication to grant/reject access to certain areas, and all user control will be handled via groups inside AD. This specifically applies in the WCF side where I would like to be able to utilize the built-in Permission.Demand() functionality.

我正在开始一个项目，它将有三个层次:一个web前端，一个移动前端和WCF后端。身份验证需要通过活动目录来完成，但是两个web前端都将使用表单身份验证来授予/拒绝对某些区域的访问，并且所有用户控件都将通过AD内的组进行处理。这特别适用于WCF，我希望能够使用内置的Permission.Demand()功能。

I have two questions with this. First, does anyone know of any best practice examples for doing this? Specifically in regards to passing the credentials (without the password) to the WCF service so it knows the context under which it is being accessed. Secondly, the future includes creating an Android app (and probably iPhone/Windows Phone versions as well) so I need to make sure the method used will work cross-platform with those.

我有两个问题。首先，有谁知道最好的实践例子吗?具体来说，就是将凭据(没有密码)传递给WCF服务，这样它就知道被访问的上下文。其次，未来包括创建一个Android应用程序(也可能是iPhone/Windows Phone版本)，所以我需要确保使用的方法能够与这些应用程序交互。

1 个解决方案

     evaluationContext.Properties["Principal"]=HttpContext.Current.User;

#1

     evaluationContext.Properties["Principal"]=HttpContext.Current.User;