我是WCF服务的新手。我想用 basichttpbinding 创建一个WCF服务,以便在授予我的WCF服务访问权限之前创建自定义身份验证机制。我用过 安全模式=传输和 clientcredentialtype = basic 。我已经编写了一个自定义验证器函数来验证我的用户名和密码。
验证器功能
namespace CustomValidator
{
public class MyCustomValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
// This isn't secure, though!
if ((userName != "check") || (password != "check"))
{
throw new SecurityTokenException("Validation Failed!");
}
}
}
}
这是我的服务配置文件
< ?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
<identity impersonate="false" />
</system.web>
<system.serviceModel>
<diagnostics>
<endToEndTracing activityTracing="true" messageFlowTracing="true" propagateActivity="true"></endToEndTracing>
</diagnostics>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpEndpointBinding">
<security mode="Transport">
<transport clientCredentialType="Basic" />
<!-- <message clientCredentialType="UserName" />-->
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Service">
<endpoint address="" binding="basicHttpBinding" name="BasicHttpEndpoint" bindingConfiguration="BasicHttpEndpointBinding" contract="IService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="false" />
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CustomValidator.MyCustomValidator, App_Code" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<security>
<authentication>
<basicAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</configuration>
所以这里的问题是每当我运行我的服务时,我都会输入一个登录对话框,我输入用户名和密码(我的验证器要求用户名和密码都相同),我没有收到我的服务详细信息页面,过去常常出现(没有认证机制)。我不知道我错过了什么,我觉得它的所有配置在我的情况下都很重要,但我仍然无法找出错误。
答案 0 :(得分:0)
为用户名密码验证创建并共享演示项目。工作正常。 请检查
https://onedrive.live.com/redir?resid=3FE322C74D6AA4D1%21169
您可以使用内部给出的SelfCert创建名称为 TrustedPeople 的证书,存储位置 LocalMachine