WCF与HTTP基本身份验证 [英] WCF with Http Basic Authentication
问题描述
我要建一个需要多种潜在的平台,包括一些旧的ASP和ASP.NET的应用程序访问一个Web服务。经过一番研究,我对既具有REST(的WebHttpBinding)和SOAP(的wsHttpBinding)终结点的WCF服务解决(这样一来,我可以支持广泛的平台,仍然使.NET codeRS高兴)。
I'm building a webservice that needs to be accessible to a variety of potential platforms, including a number of older ASP and ASP .NET applications. After some research, I settled on a WCF service with both a REST (webHttpBinding) and SOAP (wsHttpBinding) endpoint (that way, I can support a wide range of platforms and still make the .NET coders happy).
为了安全起见,我使用SSL和HTTP基本身份验证对我自己的用户名/密码的数据库。所以我写了一个HttpModule来处理用户名和密码,并检查SSL。现在,剩下的安装工作完美,但我在使用SOAP端点的问题。不管我用什么设置,SOAP客户端从不给我发送WWW-Authorization头,我可以使用来验证。我假设设置类似<消息clientCredentialType =用户名/> 应该告诉WCF,我希望Authorization头,并且该信息将由回升Visual Studio中(或其他客户端)时,它会创建一个Web引用。也许我只是极其天真。
For security, I'm using SSL and HTTP Authentication Basic against my own database of username/passwords. So I've written an HttpModule to handle the usernames and passwords and check for SSL. Now, the REST setup is working perfectly, but I'm having problems with the SOAP endpoint. No matter what settings I use, the SOAP client never sends me a WWW-Authorization header that I can use to authenticate. I'm assuming that setting something like <message clientCredentialType="UserName" /> should tell WCF that I expect an Authorization header, and that information will be picked up by Visual studio (or whatever client) when it creates a web reference. Perhaps I'm just being hopelessly naive.
因此,要总结的问题是:有没有什么办法,我可以告诉WCF给我WWW-Authorization头(即一个基本的HTTP报头)与SOAP消息一起
So to summarize the question: is there any way that I can tell WCF to send me a WWW-Authorization header (ie, an HTTP basic header) along with the soap messages?
推荐答案
您可以为您的身份验证创建自定义页眉。
You can create custom headers for your authentication.
看一看<一个href=\"http://weblogs.asp.net/paolopia/archive/2008/02/25/handling-custom-soap-headers-via-wcf-behaviors.aspx\"相对=nofollow>这里
这篇关于WCF与HTTP基本身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
