问题描述

我开发分布式应用程序。在这里面，有角色和集，我必须验证权限。
是一个很好的初步实践抛出的除了，在每个例子中，未经授权的访问？
或者我应该派一些信息返回给客户端？

I am developing a distributed application. In it, there are roles and sets of permissions that I must validate.
Is a good pratice to throw an exception, in per example, unauthorized access?
Or should I send some message back to the client?

推荐答案

在您的服务操作，您可以指定的的 FaultContract 的，这将有助于两个目的，像这样：

On your service operation, you can specify a FaultContract that will serve both purposes like so:

[OperationContract]
[FaultContract(typeof(MyServiceFault))]
void MyServiceOperation();

请注意，MyServiceFault必须标明DataContract和DataMember属性，以同样的方式你将一个复杂类型：

Note that MyServiceFault must be marked with DataContract and DataMember attributes, in the same way you would a complex type:

[DataContract]
public class MyServiceFault
{
    private string _message;

    public MyServiceFault(string message)
    {
        _message = message;
    }

    [DataMember]
    public string Message { get { return _message; } set { _message = value; } }
}

在服务端，你就能够：

throw new FaultException<MyServiceFault>(new MyServiceFault("Unauthorized Access"));

而在客户端：

And on the client-side:

try
{
    ...
}
catch (FaultException<MyServiceFault> fault)
{
    // fault.Detail.Message contains "Unauthorized Access"
}

这篇关于WCF服务异常良好的pratices的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！