Are there any proven templates anyone could share for Workflow 4.0 services integrated with Windows Identity Foundation? We are looking for the best way to check the STS token and requirements to determine who the user is outside the context of the workflow instance and make the application user object accessible to the workflow context.
We want to keep the separation of problems between the WIF service implementation and the workflow business logic so that our workflow services are highly verifiable. We have seen a few examples indicating that the Get operation is activated using a code activity that creates an IReceiveMessageCallback implementation to get a reference to the OperationContext. Link to the Maurice Blog Post. However, this means that the actions internal to the service depend on the availability of the context of the operation and, possibly, even on access rights.
The best solution we can offer so far is to create an implementation of IDispatchMessageInspector for a service that requests a token and creates custom application objects necessary for the workflow, which makes them accessible to the workflow runtime through InstanceContext.Extensions. This seems to work, but doesn't seem completely solid. Any help or feedback is greatly appreciated!

Service Behavior

    public class SecurityTokenServiceBehavior : IServiceBehavior, IDispatchMessageInspector
    {
        ...
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            var claimsPrincipal = (IClaimsPrincipal)(Thread.CurrentPrincipal is GenericPrincipal ? null : Thread.CurrentPrincipal);
            ...
            instanceContext.Extensions.Add(new SecurityContextExtension(appUser, audit));
            return null;
        }
        ...
    }

IReceiveMessageCallback

    public class SecurityContextCallback : IReceiveMessageCallback
    {
        [DataMember]
        public SecurityContextExtension SecurityContext { get; private set; }

        public void OnReceiveMessage(OperationContext operationContext, ExecutionProperties activityExecutionProperties)
        {
            SecurityContext = operationContext.InstanceContext.Extensions.Find<SecurityContextExtension>();
        }
    }

Capps
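
The workflow-side wiring for the approach described in the question, as an added example that is not code from the original post: a scope activity registers the callback in the execution properties before the Receive runs, and a later activity reads the application user object from it without touching OperationContext. `SecurityContextScope`, `GetSecurityContext` and the property name are hypothetical; `SecurityContextCallback` and `SecurityContextExtension` are the poster's types.

```csharp
using System;
using System.Activities;

// Hypothetical scope activity: wraps the Receive (or a Sequence containing it)
// so the callback is already in the execution properties when the message arrives.
public sealed class SecurityContextScope : NativeActivity
{
    internal const string PropertyName = "SecurityContextCallback"; // assumed name

    public Activity Body { get; set; }

    protected override void CacheMetadata(NativeActivityMetadata metadata)
    {
        if (Body != null) metadata.AddChild(Body);
    }

    protected override void Execute(NativeActivityContext context)
    {
        if (Body == null) return;
        // The Receive activity calls OnReceiveMessage on IReceiveMessageCallback
        // implementations it finds in the execution properties of its scope.
        context.Properties.Add(PropertyName, new SecurityContextCallback());
        context.ScheduleActivity(Body);
    }
}

// Hypothetical activity placed after the Receive, inside the same scope.
// Business-logic activities consume its result and never see OperationContext.
public sealed class GetSecurityContext : NativeActivity<SecurityContextExtension>
{
    protected override void Execute(NativeActivityContext context)
    {
        var callback = context.Properties.Find(SecurityContextScope.PropertyName)
            as SecurityContextCallback;

        // Fail closed: without an identity captured by the inspector, stop the
        // workflow rather than continue with a null or default user.
        if (callback == null || callback.SecurityContext == null)
            throw new InvalidOperationException(
                "No security context was captured for this request.");

        Result.Set(context, callback.SecurityContext);
    }
}
```

Execution properties are persisted with the workflow instance, so the callback and the `SecurityContextExtension` it holds must be serializable, and whatever they carry about the caller ends up in the persistence store.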