未调用WCFServices自定义usernamepasswordvalidator [英] WCFServices custom usernamepasswordvalidator not called

问题描述

您好，

Hello,

I have a problem with custom authentication over https. What I need is a secure channel and authenitcation on message level. I got it working quite well, but my custom validator never gets called.
When in IIS7 i use Authentication -> Basic Authentication, I get the following error

"The authentication schemes configured on the host ('Basic') do not allow those configured on the binding 'WSHttpBinding' ('Anonymous').  Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly.  Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the <serviceAuthenticationManager> element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement. "

When in IIS7 i use Authentication -> Anonymuse Authentication, my custom validator never gets called.

Here's my config:

< br $> b $ b

system.web>

编译debug =truetargetFramework =4.5/>

customErrors mode =Off/>

pages controlRenderingCompatibilityVersion =4.0/>

/system.web>

system.serviceModel>

protocolMapping>

add scheme =httpsbinding =wsHttpBinding/>

/ protocolMapping>

diagnostics performanceCounters =Default>

messageLogging logEntireMessage =truelogMalformedMessages =true

logMessagesAtServiceLevel =falselogMessagesAtTransportLevel =true/>

/诊断>

服务>

服务行为配置=VASServiceBehaviorname =nsVASSERVICE.WCFVASSERVICE>

endpoint address =mexbinding =mexHttpsBindingbind ingConfiguration =mexHttpsBinding

name =mexHttpsBindingEndpointcontract =IMetadataExchange/>

endpoint address =wsbinding =wsHttpBindingbindingConfiguration =wsHttpBinding

name =wsHttpBindingEndpointcontract =nsVASSERVICE.IWCFPBSERVICE/>

/ service>

/ services>

绑定>

wsHttpBinding>

绑定名称=wsHttpBinding>

安全模式=消息>

transport clientCredentialType =None/>

message clientCredentialType =UserNamenegotiateServiceCredential =true/>

/ security>

/ binding>

/ wsHttpBinding>

mexHttpsBinding>

binding name =mexHttpsBinding/>

/ mexHttpsBinding>

/ bindings>

client>

端点地址=https：//mymachine/WCFVASSERVICE.svc/mexbinding =wsHttpBinding

bindingConfiguration =wsHttpBindingcontract =nsVASSERVICE.IWCFPBSERVICE

name =mexHttpsBindingEndpoint1/>

/ client>

行为>

endpointBehaviors>

behavior name =VASServiceEndpointBehavior>

clientCredentials>

clientCertificate findValue =PayBoxstoreLocation =LocalMachine

x509FindType = FindBySubjectName/>

serviceCertificate>

身份验证certificateValidationMode =自定义revocationMode =在线/>

/ serviceCertificate> < br $>
/ clientCredentials>

soapProcessing processMessages =true/>

/行为>

/ endpointBehaviors>

serviceBehaviors>

行为名称=VASServiceBehavior>

serviceMetadata httpGetEnabled =falsehttpsGetEnabled =true/>

serviceCredentials useIdentityConfiguration =true>

serviceCertificate findValue =PayBoxx509FindType =FindBySubjectName/>

userNameAuthentication userNamePasswordValidationMode =Custom

includeWindowsGroups =falsecustomUserNamePasswordValidatorType =nsVASSERVICE.CustomUserNamePasswordValidator，VASSERVICE/>

windowsAuthentication includeWindowsGroups =false/>

/ serviceCredentials>

serviceDebug httpHelpPageEnabled =falseincludeExceptionDetailInFaults =true/>

/ behavior>

/ serviceBehaviors>

/ behavior>

serviceHostingEnvironment aspNetCompatibilityEnabled =false
multipleSiteBindingsEnabled =true/>

/system.serviceModel>





如何为自定义usernamepasswordvalidator配置IIS和web.config？

system.web>
compilation debug="true" targetFramework="4.5"/>
customErrors mode="Off"/>
pages controlRenderingCompatibilityVersion="4.0"/>
/system.web>
system.serviceModel>
protocolMapping>
add scheme="https" binding="wsHttpBinding" />
/protocolMapping>
diagnostics performanceCounters="Default">
messageLogging logEntireMessage="true" logMalformedMessages="true"
logMessagesAtServiceLevel="false" logMessagesAtTransportLevel="true" />
/diagnostics>
services>
service behaviorConfiguration="VASServiceBehavior" name="nsVASSERVICE.WCFVASSERVICE">
endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration="mexHttpsBinding"
name="mexHttpsBindingEndpoint" contract="IMetadataExchange" />
endpoint address="ws" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding"
name="wsHttpBindingEndpoint" contract="nsVASSERVICE.IWCFPBSERVICE" />
/service>
/services>
bindings>
wsHttpBinding>
binding name="wsHttpBinding">
security mode="Message">
transport clientCredentialType="None" />
message clientCredentialType="UserName" negotiateServiceCredential="true" />
/security>
/binding>
/wsHttpBinding>
mexHttpsBinding>
binding name="mexHttpsBinding" />
/mexHttpsBinding>
/bindings>
client>
endpoint address="https://mymachine/WCFVASSERVICE.svc/mex" binding="wsHttpBinding"
bindingConfiguration="wsHttpBinding" contract="nsVASSERVICE.IWCFPBSERVICE"
name="mexHttpsBindingEndpoint1" />
/client>
behaviors>
endpointBehaviors>
behavior name="VASServiceEndpointBehavior">
clientCredentials>
clientCertificate findValue="PayBox" storeLocation="LocalMachine"
x509FindType="FindBySubjectName" />
serviceCertificate>
authentication certificateValidationMode="Custom" revocationMode="Online" />
/serviceCertificate>
/clientCredentials>
soapProcessing processMessages="true" />
/behavior>
/endpointBehaviors>
serviceBehaviors>
behavior name="VASServiceBehavior">
serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
serviceCredentials useIdentityConfiguration="true">
serviceCertificate findValue="PayBox" x509FindType="FindBySubjectName" />
userNameAuthentication userNamePasswordValidationMode="Custom"
includeWindowsGroups="false" customUserNamePasswordValidatorType="nsVASSERVICE.CustomUserNamePasswordValidator, VASSERVICE" />
windowsAuthentication includeWindowsGroups="false" />
/serviceCredentials>
serviceDebug httpHelpPageEnabled="false" includeExceptionDetailInFaults="true" />
/behavior>
/serviceBehaviors>
/behaviors>
serviceHostingEnvironment aspNetCompatibilityEnabled="false"
multipleSiteBindingsEnabled="true" />
/system.serviceModel>


How can I configure IIS and web.config for custom usernamepasswordvalidator ?

推荐答案

此链接可能对您有所帮助 https://nirajrules.wordpress.com/2009/05/22 / username-over-https-custombinding -with-wcf％E2％80％99s-channelfactory-interface / [ ^ ]

This link may be of help to you https://nirajrules.wordpress.com/2009/05/22/username-over-https-custombinding-with-wcf%E2%80%99s-channelfactory-interface/[^]

这篇关于未调用WCFServices自定义usernamepasswordvalidator的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！