仅在 web.config 端点 BindingConfiguration 中有自定义用户名验证器就足够了吗? [英] Is it sufficient just to have the Custom Username validator in the web.config endpoint BindingConfiguration?

问题描述

我有一个客户用户名/密码验证器.在 web.config 的 endpoints bindingConfiguration 属性中使用它是否足够，或者我是否需要在 Service 方法中显式调用它.我注意到当我不称它为服务操作时，它不会被调用.我做错了什么吗?

I have a Customer Username/Password validator. Is it sufficient enough to have it in the endpoints bindingConfiguration attribute in web.config or do I need to explicitly call it in the Service method. I noticed when I don't call it a Service operation, it doesn't get called. Am I doing something wrong?

这是我定义绑定部分的方式:

This is how I have my bindings section defined:

<bindings>
  <wsHttpBinding>
    <binding name="CustomAuthentication">
      <security mode="Message">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

这是我定义服务节点的方式:

This is how I have my service node defined:

<service behaviorConfiguration="CustomValidator" name="Test.TestService">

我的端点属性有它的 BindingConfiguration = "CustomAuthentication"

My endpoint attribute has its BindingConfiguration = "CustomAuthentication"

这就是我在 ServiceBehaviors 中定义行为的方式:

This is how I have a behavior in my ServiceBehaviors defined:

<behavior name="CustomValidator">
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom"
                                 customUserNamePasswordValidatorType="Test.CustomUserNameValidator, FuzionSync"/>

        <serviceCertificate findValue="MyWebSite" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>

        </serviceCredentials>

      <serviceMetadata httpGetEnabled="True"/>

    </behavior>

当我运行 wcf 测试客户端来调用服务调用时，它甚至没有调用 Validate 方法.我让它调用的唯一方法是将它放在一个要显式调用的操作中.

When I run the wcf test client to invoke the service call, it doesn't even call the Validate method. The only way I get it to call is if I put it in an operation to be called explicitly.

推荐答案

您需要在绑定配置和服务行为中指定这一点.这是它在我们的一个项目中的样子(重要的部分是 clientCredentialType="UserName" 和 <serviceCredentials> 元素):

You need to specify this both in the binding configuration and in the service behavior. This is how it looks in one of our projects (the important parts are clientCredentialType="UserName" and the <serviceCredentials> element):

<bindings>
  <wsHttpBinding>
    <binding name="SSLWithCustomAuthentication">
      <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="None" proxyCredentialType="None" />
        <message clientCredentialType="UserName" 
                 negotiateServiceCredential="true"
                 algorithmSuite="Default" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

<behaviors>
  <serviceBehaviors>
    <behavior name="customAuthenticationBehavior">
      <serviceCredentials>
        <userNameAuthentication 
          userNamePasswordValidationMode="Custom"
          customUserNamePasswordValidatorType="Namespace.YourValidator, AssemblyName"/>
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

然后让您的服务使用 behaviorConfiguration="customAuthenticationBehavior".

and then have your service use behaviorConfiguration="customAuthenticationBehavior".

请注意，我认为 WCF 不允许您在没有 SSL 的情况下使用用户名身份验证.

Note that I don't think WCF lets you use UserName authentication without SSL.

这篇关于仅在 web.config 端点 BindingConfiguration 中有自定义用户名验证器就足够了吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！