Hi,
I have a question regarding Claims based security.
The following Service method does throw SecurityAccessDeniedException that the Client can catch when the Server runs locally with or without Debugger attached.
The Server code would look like this:
[ClaimsPrincipalPermission(SecurityAction.Demand, Operation = "read", Resource = "foo")]
public GetFooReply GetFoo(GetFooRequest request)
{
return GetFooLogic(request);
}
When the Server runs remotely, the exception is shielded or screened with a FaultException that I am only able to handle with the followin code:
catch (Exception e)
{
var faultException = e as FaultException;
if (faultException != null)
{
if (faultException.Code.Name.Equals("FailedAuthentication") && faultException.Code.Namespace.Equals("
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"))
{
throw new SecurityAccessDeniedException(faultException.Message);
}
}
}
While running the Service locally I am able to use
catch (SecurityAccessDeniedException secex)
{
throw;
}
I have played with
<serviceDebug includeExceptionDetailInFaults="true" />
but this didn't help and it shouldn't be used.
How do I correctly handle such an error on the Client?
Do I have to do it that way or is any WCF code doing this (usually)?
Thanks,
Lothar