如何在WCF中对请求强制执行用户名和密码 [英] How to enforce username and password on a request in WCF
问题描述
美好的一天,
我有一个任务,当客户端向我的服务发出请求时,要求提供用户名和密码,到目前为止,我还无法弄清这一点,这里有很多示例,但是这些都没有示例中有足够的信息可以帮助您 我实现了我的目标.
I have a task that requires a username and password to be provided when a client makes a request to my service, so far i haven't been able to figure this out, there are many examples out there, but none of this examples have enough information that can help me achieve my goal.
要求是,当客户端(SOAP UI,Web浏览器wsdl链接,任何其他应用程序)创建对我的服务的请求时,需要先进行身份验证,然后才能处理该请求,问题是,我还需要做什么?包含在我的代码中?
the requirement is that when a client(SOAP UI, web browser wsdl link, any other application) creates a request to my service, authentication is required before the request can be processed, the question is, what else do i need to include in my code?
这是我的网络配置:
<system.serviceModel>
<services>
<service name="namespace.servicename" behaviorConfiguration="CustomUserNamePassword" >
<endpoint contract="namespace.interfacenane" binding="basicHttpBinding" address="basic" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="BasicAuthentication">
<security mode="Transport">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name ="CustomUserNamePassword">
<!-- To avoid disclosing metadata information, set the values below to false before deployment -->
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="assembleyname.Authentication, assemblyname"/>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer这是身份验证类
public class Authentication : System.IdentityModel.Selectors.UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (userName == null || password == null)
{
throw new ArgumentNullException("Username or Password is Incorrect");
}
if (!(userName == "username" && password == "password"))
{
throw new Exception("Invalid Credentials");
}
}
}如果有人有可行的示例,请提供.
If anyone has a working example, please provide it.
谢谢.
此致
Ndamu
推荐答案
Ndamu,
Hi Ndamu,
根据您的代码,您似乎想要实现自定义用户名和密码验证器,对吗?如果是这样,则安全模式需要为Message或TransportWithMessageCredential.
Based on your code, it seems you want to achieve custom user name and password validator, am I right? If so, the security mode need to be Message or TransportWithMessageCredential.
对于您的问题,您没有使用定义的wsHttpBinding,需要在端点中使用定义的"BasicAuthentication".
For your issue, you did not use the defined wsHttpBinding, you need to use the defined "BasicAuthentication" in the endpoint.
这是一个简单的配置.
Here is a simple configuration.
<system.serviceModel>
<services>
<service name="Microsoft.ServiceModel.Samples.CalculatorService"
behaviorConfiguration="CalculatorServiceBehavior">
<!-- use host/baseAddresses to configure base address provided by host -->
<host>
<baseAddresses>
<add baseAddress ="http://localhost:8001/servicemodelsamples/service" />
</baseAddresses>
</host>
<!-- use base address specified above, provide one endpoint -->
<endpoint address="username"
binding="wsHttpBinding"
bindingConfiguration="Binding"
contract="Microsoft.ServiceModel.Samples.ICalculator" />
</service>
</services>
<bindings>
<wsHttpBinding>
<!-- username binding -->
<binding name="Binding">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="CalculatorServiceBehavior">
<serviceDebug includeExceptionDetailInFaults ="true"/>
<serviceCredentials>
<!--
The serviceCredentials behavior allows one to
specify a custom validator for username/password
combinations.
-->
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Microsoft.ServiceModel.Samples.CalculatorService+MyCustomUserNameValidator, service" />
<!--
The serviceCredentials behavior allows one to define a service certificate. A service certificate is used by a client to authenticate the service and provide message protection. You must specify a server certificate when passing username/passwords to encrypt the information as it is sent on the wire. Otherwise the username and password information would be sent as clear text. This configuration references the "localhost" certificate installed during the setup instructions.
-->
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
您可以参考下面的链接以获取更多信息.
You could refer the link below for more information.
#User Name密码验证器
https://msdn.microsoft.com/en-us/library/aa354513 (v = vs.110).aspx
#User Name Password Validator
https://msdn.microsoft.com/en-us/library/aa354513(v=vs.110).aspx
最好的问候,
Best Regards,
爱德华
这篇关于如何在WCF中对请求强制执行用户名和密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
