我有一个使用传输安全模式运行的basichttpbinding WCF服务。这工作正常但是我想验证请求此服务的用户因此尝试使用TransportWithMessagCredential的安全模式和UserName的消息clientCredentialType并添加了一个服务行为来调用自定义密码验证器。我的问题是,当我尝试使用visual studio调用引用时,我收到一条错误消息,指出无法找到该服务。请在下面找到我的代码并提出我可能需要做的任何更改,以便在尝试添加服务时使用用户名/密码提示我。
的Web.config
<?xml version="1.0"?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add initializeData="WcfTraces.svclog" type="System.Diagnostics.XmlWriterTraceListener"
name="traceListener">
<filter type="" />
</add>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Warning, ActivityTracing">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelMessageLoggingListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="c:\users\**\web_messages.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=***"
name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<diagnostics>
<messageLogging logEntireMessage="true" logMalformedMessages="true"
logMessagesAtServiceLevel="false" logMessagesAtTransportLevel="true" />
</diagnostics>
<bindings>
<basicHttpBinding>
<binding name="basicBindingConfig">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="nameSpaceX.Service">
<endpoint address="https://************:443/***.svc/"
binding="basicHttpBinding" bindingConfiguration="basicBindingConfig"
contract="nameSpaceY.IService">
<identity>
<certificateReference x509FindType="FindByThumbprint" findValue="****************" />
</identity>
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"
httpsGetUrl="https://*****:443/***.svc" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="namespaceX.UserNameValidator, namespaceX" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
userNameValidator.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
namespace namespaceX
{
class UserNameValidator: UserNamePasswordValidator
{
public override void Validate(string username, string password)
{
if(username == "test" && password == "1234")
return;
throw new SecurityTokenException("Incorrect username or Password");
}
}
}
答案 0 :(得分:0)
这里不需要* .svc的路径。通常会跳过httpsGetUrl属性或存储...?wsdl
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"
httpsGetUrl="https://*****:443/***.svc" />
假设这里的URL与服务端点中的URL相同。 Ti应该是不同的URL,因为一个是实现,第二个是元数据。