我有WCF网络服务(.Net 4.5 RTM)。
我想提供自定义的IPrincipal和IIdentity forplementation,所以我决定提供自定义的ServiceAuthenticationManager。
奇怪的是ServiceAuthenticationManager是实例化的,但是没有调用Authenticate方法。
所以,当我有这样的服务器配置时
<system.serviceModel>
<protocolMapping>
<add scheme="https" binding="basicHttpBinding" />
</protocolMapping>
<behaviors>
<serviceBehaviors>
<behavior name="EntityServiceBehavior">
<serviceAuthenticationManager
authenticationSchemes="None"
serviceAuthenticationManagerType="Belrost.Communication.EntityServiceAuthenticationManager, Belrost.Communication" />
<serviceAuthorization
impersonateCallerForAllOperations="false"
principalPermissionMode="Custom"
serviceAuthorizationManagerType="Belrost.Communication.EntityServiceAuthorizationManager, Belrost.Communication" />
<serviceCredentials>
<serviceCertificate
findValue="test.local"
x509FindType="FindBySubjectName"
storeLocation="LocalMachine"
storeName="My" />
</serviceCredentials>
<serviceDebug
includeExceptionDetailInFaults="true"
httpsHelpPageEnabled="true"
httpsHelpPageUrl="https://test.local/service/belrost-help" />
<serviceMetadata
httpsGetEnabled="true"
httpsGetUrl="https://test.local/service/belrost-meta" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="EntityServiceBinding">
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service
name="Belrost.Server.EntityService"
behaviorConfiguration="EntityServiceBehavior">
<endpoint
address="https://test.local/service/belrost"
binding="basicHttpBinding"
bindingConfiguration="EntityServiceBinding"
bindingNamespace="http://schemas.triflesoft.org/"
contract="Belrost.Communication.IEntityContract" />
</service>
</services>
</system.serviceModel>
调用Authenticate方法,但由于clientCredentialType =“None”,因此未提供授权信息。
当我将None更改为Basic时,不再调用Authenticate方法(但是EntityServiceAuthenticationManager构造函数中的断点被命中)并且我得到SecurityTokenValidationException,并显示消息“'test'用户的LogonUser失败。确保用户具有有效的Windows帐户“。