Windows Azure AppFabric 入门教学系列 (五):初探Access Control Service
2012-03-22 11:56:30 来源:WEB开发网3.1在Client项目,Program.cs中,加入如下粗体代码:
namespace Client { using System; using System.Collections.Specialized; using System.Linq; using System.Net; using System.ServiceModel; using System.ServiceModel.Security; using System.ServiceModel.Web; using System.Text; using System.Web; using System.IO; public class Program
以及如下粗体代码:
public class Program { private const string ServiceNamespace = "{insert service namespace here}"; private const string IssuerName = "weatherforecastclient"; private const string IssuerKey = "{insert issuer key here}"; private const string AcsHostName = "accesscontrol.windows.net"; public static void Main(string[] args) {
3.2在Program类中加入如下方法:
... private static string GetACSToken() { // request a token from AppFabric AC WebClient client = new WebClient(); client.BaseAddress = string.Format("https://{0}.{1}", ServiceNamespace, AcsHostName); NameValueCollection values = new NameValueCollection(); values.Add("wrap_name", IssuerName); values.Add("wrap_password", IssuerKey); values.Add("wrap_scope", "http://localhost/weatherforecast"); byte[] responseBytes = client.UploadValues("WRAPv0.9", "POST", values); string response = Encoding.UTF8.GetString(responseBytes); return response .Split('&') .Single(value => value.StartsWith("wrap_access_token=", StringComparison.OrdinalIgnoreCase)) .Split('=')[1]; } } }
3.3在Main函数开头加入如下代码:
string acsToken; try { acsToken = GetACSToken(); } catch (WebException ex) { Console.ForegroundColor = ConsoleColor.Red; if (ex.Response != null) { Stream exception = ex.Response.GetResponseStream(); StreamReader reader = new StreamReader(exception); Console.WriteLine(reader.ReadToEnd()); } else { Console.WriteLine(ex.Message); } Console.ReadLine(); return; }
同样在Main函数中对应位置加入如下代码 :
using (new OperationContextScope(proxy as IContextChannel)) { string authHeaderValue = string.Format("WRAP access_token="{0}"", HttpUtility.UrlDecode(acsToken)); WebOperationContext.Current.OutgoingRequest.Headers.Add("authorization", authHeaderValue); // call the service and get a response
4.配置AppFabric ACS命名空间以为特定调用者实现访问逻辑。
4.1点击“开始”->“运行”,输入cmd,回车。将当前工作路径切换到WindowsAzurePlatformKitLabsIntroAppFabricAccessControlSourceAssets
4.2创建TokenPolicy,输入如下代码并执行:(注意:以下所有黄色框内内容皆需替换为读者自己的信息,service指service namespace,mgmtkey指management key)
acm create tokenpolicy -name:weatherforecast -timeout:28800 -autogeneratekey -service:{your service namespace} -host:accesscontrol.windows.net -mgmtkey:{your management key}
返回TikenPolicy ID = tp_18d47a547b0f40648fdabfe753885dd4
4.3创建Scope,输入如下代码并执行:(tokenpolicyid为上步返回的TikenPolicy ID)
acm create scope -name:weatherforecast -tokenpolicyid:tp_18d47a547b0f40648fdabfe753885dd4 -appliesto:http://localhost/weatherforecast -service:{your service namespace} -host:accesscontrol.windows.net -mgmtkey:{your management key}
返回Scope ID = scp_3c9c465f2be54bed809080f210914f70dab58dee
4.4 创建Issuer,输入如下代码并执行:
acm create issuer -name:weatherforecastclient -issuername:weatherforecastclient -autogeneratekey -algorithm:Symmetric256BitKey -service:{your service namespace} -host:accesscontrol.windows.net -mgmtkey:{your management key}
返回Issuer ID = iss_8c389a6764e8a26bf5133a7ab9c830f8bea33a82
4.5 创建Rule,输入如下代码并执行:(scopeid为步骤4.3返回的Scope ID,inclaimissuerid为上步返回的Issuer ID)
acm create rule -name:client3days -scopeid:scp_3c9c465f2be54bed809080f210914f70dab58dee -inclaimissuerid:iss_8c389a6764e8a26bf5133a7ab9c830f8bea33a82 -inclaimtype:Issuer -inclaimvalue:weatherforecastclient -outclaimtype:action -outclaimvalue:Get3DaysForecast -service:{your service namespace} -host:accesscontrol.windows.net -mgmtkey:{your management key}
更多精彩
赞助商链接