info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
SecurityAccessDeniedException not passed to client when server is running remotely
11 views
Skip to first unread message
Lothar Behrens
Apr 14, 2015, 11:39:50 AM4/14/15
to
Hi,
I have a question regarding Claims based security.
The following Service method does throw SecurityAccessDeniedException that the Client can catch when the Server runs locally with or without Debugger attached.
The Server code would look like this:
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "read", Resource = "foo")]
public GetFooReply GetFoo(GetFooRequest request)
{
return GetFooLogic(request);
}
When the Server runs remotely, the exception is shielded or screened with a FaultException that I am only able to handle with the followin code:
catch (Exception e)
{
var faultException = e as FaultException;
if (faultException != null)
{
if (faultException.Code.Name.Equals("FailedAuthentication") && faultException.Code.Namespace.Equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"))
{
throw new SecurityAccessDeniedException(faultException.Message);
}
}
}
While running the Service locally I am able to use
catch (SecurityAccessDeniedException secex)
{
throw;
}
I have played with
<serviceDebug includeExceptionDetailInFaults="true" />
but this didn't help and it shouldn't be used.
How do I correctly handle such an error on the Client?
Do I have to do it that way or is any WCF code doing this (usually)?
Thanks,
Lothar
I have a question regarding Claims based security.
The following Service method does throw SecurityAccessDeniedException that the Client can catch when the Server runs locally with or without Debugger attached.
The Server code would look like this:
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "read", Resource = "foo")]
public GetFooReply GetFoo(GetFooRequest request)
{
return GetFooLogic(request);
}
When the Server runs remotely, the exception is shielded or screened with a FaultException that I am only able to handle with the followin code:
catch (Exception e)
{
var faultException = e as FaultException;
if (faultException != null)
{
if (faultException.Code.Name.Equals("FailedAuthentication") && faultException.Code.Namespace.Equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"))
{
throw new SecurityAccessDeniedException(faultException.Message);
}
}
}
While running the Service locally I am able to use
catch (SecurityAccessDeniedException secex)
{
throw;
}
I have played with
<serviceDebug includeExceptionDetailInFaults="true" />
but this didn't help and it shouldn't be used.
How do I correctly handle such an error on the Client?
Do I have to do it that way or is any WCF code doing this (usually)?
Thanks,
Lothar
0 new messages