Dirk Reske

Hello,

I'm quite new to wcf and have a few questions about wcf.

We are developing an application for letting out holliday appartments.

Should we separate the service interfaces for managing the objects (create, remove, change appartments) and this one for the reservations etc from each other

sample:

interface IObjectManagement

{

void CreateObject(ObjectDescription newObject);

ObjectDescriptionCollection GetObjects();

}

and

interface IReservationService

{

void CreateReservation(Reservation newReservation);

....

}

If so, waht is the appropiate way for authorization Each service implementation has to know, if the current user has the right to do the requested operation...

thanks!

Dirk



Re: Windows Communication Foundation (Indigo) service architecture

James.Zhang - MSFT

I don't think you need to sperate your interface for the purpose of authorization, WCF provided multiple mechansim for authorization.

Please check the following document:

http://msdn2.microsoft.com/en-us/library/ms733106.aspx

You can apply the PrincipalPermissionAttribute to restricting access to a specific method. You can also use Claim-based Identity Model if you want a fine control.






Re: Windows Communication Foundation (Indigo) service architecture

Dirk Reske

Hello,

I don't want to separate the interfaces because authorization issues.

I want to separate it by functional issues (e.g. one service contract for general administration purposes and one for reservation services)

thanks

Dirk





Re: Windows Communication Foundation (Indigo) service architecture

James.Zhang - MSFT

Yes, seperating them would make sense to me.