如何把一个口令一个WCF服务？ [英] How to put a password on a WCF Service?

问题描述

我的工作是由我们的其他softwars叫错误信息发送到我们的数据库WCF服务。问题在于，因为它是一个在线服务，它是不是安全的，所以我在想，如果有可能到服务都要求输入密码时（即我们所说的服务，我们必须配置密码或类似的东西）。

I'm working on a WCF Service that is called by our other softwars to send bug information to our database. The problem is that, since it is an online service, it isn't safe, so I was wondering if it's possible to the service to request a password (i.e. when we call the service, we have to configure the password or something like that).

我GOOGLE了一下，但一切似乎对于这样一个简单的事情很复杂......你们能帮助我吗？

I googled about it, but it all seemed so complex for such a simple thing ... can you guys help me out?

编辑：

我们的想法是，通过我的软件进行验证，而不需要用户登录

The idea is to authenticate through my software, without the need of a user login.

推荐答案

另一个选择是实现自己的安全。这里有一个基本的例子。

Another option is to implement your own security. Here's a basic example.

在你的服务，改变它的 ServiceBehavior的 InstanceContextMode 到 PerSession 和 ConcurrencyMode 到单

In your service, change it's ServiceBehavior's InstanceContextMode to PerSession and ConcurrencyMode to Single

[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerSession, ConcurrencyMode = ConcurrencyMode.Single)]
public class SomeService : ISomeService
{ 
    // ...
}

在你的服务中添加用户名和密码属性

Add a Username and Password property in your service.

public string UserName { [OperationContract] get; [OperationContract] set; }
public string Password { [OperationContract] get; [OperationContract] set; }

添加用于检查一个安全的私有方法。

Add a private method for checking a security.

public void CheckSecurity()
{
    if ((this.UserName == null || this.Password == null) ||
        this.UserName == "username" && this.Password == "password"))
    {
        throw new FaultException("Unknown username or incorrect password.");
    }
}

然后调用 CheckSecurity 方法在每个服务类的构造函数方法。

Then call the CheckSecurity method in each of your service class constructor method.

public SomeServiceMethod1()
{
    this.CheckSecurity();

    // some method codes
}

客户端应用程序

在您的客户端应用程序的代码，设置每个实例的服务用户名和密码，或创建一个静态类，会为你做到这一点。

Client Application

In your client application code, set the service username and password for every instance, or create a static class that will do this for you.

您也可以尝试使用加密的用户名和密码，以增加安全。

You might also try to use encryption in the username and password to add security.

的请注意，这只是增加另一种选择你可能会满足您的需求，但你应该总是尝试使用做事的方式微软的

这篇关于如何把一个口令一个WCF服务？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！