我正在尝试使用自定义ASP.NET MembershipProvider和RoleProvider来处理我的服务的安全性。该服务是在控制台应用程序中自托管的,而不是在IIS中。 我使用webHttpBinding和基本身份验证。我将serviceCredentials和serviceAuthorization配置为使用提供程序。提供商真正初始化。但是WCF似乎忽略了我的设置并尝试将用户登录到Windows。我从事件日志中找出了这一点,并通过将我的Windows凭据发送到服务来证明。您可以在下面看到我的配置和调试屏幕截图。为什么使用Windows进行身份验证?也许在没有IIS的情况下使用ASP.NET auth提供程序是不可能的?
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<roleManager
enabled="true"
defaultProvider="CustomRoleProvider">
<providers>
<clear/>
<add
name="CustomRoleProvider"
type="CustomRoles.CustomRoleProvider, CustomRoles"/>
</providers>
</roleManager>
<membership defaultProvider="CustomMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="CustomMembershipProvider"
type="CustomRoles.CustomMembershipProvider, CustomRoles"/>
</providers>
</membership>
</system.web>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttp">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Service">
<serviceAuthorization principalPermissionMode="UseAspNetRoles"
roleProviderName="CustomRoleProvider" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="CustomMembershipProvider" />
</serviceCredentials>
<serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="SuccessOrFailure"
messageAuthenticationAuditLevel="SuccessOrFailure" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="Service" name="CustomRoles.Service">
<endpoint address="http://127.0.0.1:8060" binding="webHttpBinding"
bindingConfiguration="webHttp" contract="CustomRoles.IService" />
</service>
</services>
</system.serviceModel>
</configuration>
这就是我在调试时看到的内容。为什么使用windows进行身份验证?
credentials screen http://img81.imageshack.us/img81/1289/credentials.gif
答案 0 :(得分:0)
我正在尝试做同样的事情。
我的服务运行良好,我可以通过服务跟踪查看器跟踪对服务的调用。
剩下的唯一问题是我没有收到任何电话应答。我的应用程序冻结,我在通话时遇到TimoutException。这是我的设置:
<system.web>
<membership defaultProvider="ClientAuthenticationMembershipProvider">
<providers>
<add name="ClientAuthenticationMembershipProvider"
type="System.Web.ClientServices.Providers.ClientFormsAuthenticationMembershipProvider, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
serviceUri="http://localhost:21200/Authentication_JSON_AppService.axd"
credentialsProvider="LacT.Windows.LoginWindow, LacT.Windows" />
<add name="FooMembershipProvider"
type="Foo.Security.Business.Provider.FooTMembershipProvider, LacT.Security.Business"
serviceUri="http://localhost:21200/Authentication_JSON_AppService.axd"
credentialsProvider="Foo.Windows.LoginWindow, Foo.Windows" />
</providers>
</membership>
<roleManager defaultProvider="ClientRoleProvider" enabled="true">
<providers>
<add name="ClientRoleProvider"
type="System.Web.ClientServices.Providers.ClientRoleProvider, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
serviceUri="http://localhost:21200/Role_JSON_AppService.axd"
cacheTimeout="86400" />
</providers>
</roleManager>
</system.web>
服务模式......`
<behaviors>
<endpointBehaviors>
<behavior name="WebBehavior">
<webHttp />
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WebBehavior">
<serviceMetadata httpGetEnabled="true" httpGetUrl="" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="basicHttpMode">
<security mode="None" />
</binding>
</basicHttpBinding>
<webHttpBinding>
<binding name="webHttpMode">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WebBehavior"
name="Foo.Security.Business.Manager.Wcf.Host.SecurityManager">
<endpoint address=""
binding="webHttpBinding"
contract="Foo.Security.Business.Contract.ISecurityContract"
behaviorConfiguration="WebBehavior"
bindingConfiguration="webHttpMode" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:21200" />
</baseAddresses>
</host>
</service>
</services>
`
也许使用这段代码可以帮助您弄清楚你的内容是什么。 如果你发现让我知道的话。
答案 1 :(得分:0)
我在WCF大师班期间完成了这项工作,所以这绝对是可能的。不幸的是,我没有在实践中使用它,而且它是在一年前的现在......
但是,请尝试this link,并查找有关ASP.NET成员资格的不同下载。这基本上是培训课程的结果。
答案 2 :(得分:0)
是的可能:
<?xml version="1.0"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
<connectionStrings>
<add name="mySqlConnection" connectionString="Data Source=.\SQLEXPRESS2012;Integrated Security=SSPI;Initial Catalog=aspnetdb;"/>
</connectionStrings>
<system.web>
<compilation debug="true"/>
<!-- Configure the Sql Membership Provider -->
<membership defaultProvider="MySqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="MySqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="mySqlConnection" applicationName="UsersManagementNavigationApplication" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed"/>
</providers>
</membership>
<!-- Configure the Sql Role Provider -->
<roleManager enabled="true" defaultProvider="MySqlRoleProvider">
<providers>
<clear/>
<add name="MySqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="mySqlConnection" applicationName="UsersManagementNavigationApplication"/>
</providers>
</roleManager>
</system.web>
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</webHttpBinding>
<basicHttpBinding>
<binding name="basicBindingConfiguration">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="webEndpointBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="webServiceBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceThrottling/>
<serviceDebug/>
</behavior>
<behavior name="myServiceBehavior">
<!-- Configure role based authorization to use the Role Provider -->
<serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="MySqlRoleProvider">
</serviceAuthorization>
<serviceCredentials>
<!-- Configure user name authentication to use the Membership Provider -->
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WcfServiceHTTPSelfHosted.MyCustomValidator, WcfServiceHTTPSelfHosted"/>
</serviceCredentials>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="myServiceBehavior" name="WcfServiceHTTPSelfHosted.WcfServiceHTTPSelfHosted">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="basicBindingConfiguration"
contract="WcfServiceHTTPSelfHosted.IWcfServiceHTTPSelfHosted" />
<endpoint address="web" behaviorConfiguration="webEndpointBehavior"
binding="webHttpBinding" bindingConfiguration="webBinding"
contract="WcfServiceHTTPSelfHosted.IWcfServiceHTTPSelfHosted" />
<endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:50002/WcfServiceHTTPSelfHosted/" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
</configuration>
并使用自定义UserNamePasswordValidator:
public class MyCustomValidator : UserNamePasswordValidator
{
public MyCustomValidator()
{
}
public override void Validate(string userName, string password)
{
if (!Membership.ValidateUser(userName, password))
{
throw new SecurityTokenException("Users validation failed: " + userName);
}
}
}
这很好用!