如何实现WebServiceHost身份验证?
我知道webservicehost类上的身份验证不完全符合身份验证标准(当用户输入错误的凭据时,返回403禁止而不是提示输入另一组凭据)。
我仍然希望实现这种基本身份验证(会话开始时的用户名和密码,不需要HTTPS - 请参见下图),因为它符合我对小型家庭项目的需求。
我为myService提供的代码如下:
Imports System.IO
Imports System.Text
Imports System.ServiceModel
Imports System.ServiceModel.Web
Imports System.ServiceModel.Channels
<ServiceContract()>
Public Class myService
<OperationContract(), WebGet(UriTemplate:="/xml/{argument1}/{argument2}")>
Public Function XML(argument1 As String, argument2 As String) As Stream
requestCounter += 1
Console.WriteLine("xml data request at " & DateTime.Now.ToString() & ", request count= " & requestCounter)
Console.WriteLine(WebOperationContext.Current.IncomingRequest.UserAgent.ToString())
Return _ReturnXML("<xmlresponse><data><argument1>" & argument1 & "</argument1><argument2>" & argument2 & "</argument2></data><server><serverlivesince>" & serverStart.ToString() & "</serverlivesince><pageservetime>" & DateTime.Now.ToString() & "</pageservetime><requestcount>" & requestCounter & "</requestcount></server></xmlresponse>")
'returns the first two parameters, and the time and date
End Function
Private Shared Function _ReturnXML(_result As String) As Stream
Dim data = Encoding.UTF8.GetBytes(_result)
WebOperationContext.Current.OutgoingResponse.ContentType = "text/xml; charset=utf-8"
WebOperationContext.Current.OutgoingResponse.ContentLength = data.Length
Return New MemoryStream(data)
End Function
End Class
然后我有类似的代码来返回HTML以及接受其他参数组合。
在我的Main类中,我已实例化并打开此服务:
Dim varWebService = New WebServiceHost(GetType(MyWebService), New Uri("http://0.0.0.0/"))
varWebService.Open()
有人能为我提供实现这种简单身份验证的代码吗?或者指点我一个彻底的教程?谢谢你的帮助
3 个答案:
答案 0 :(得分:2)
您可以通过继承自定义WebServiceHost来编写它,并更改一些默认参数,如下所示。
代码中唯一的变化是
Dim varWebService = New AuthenticatedWebServiceHost(GetType(MyWebService), New Uri("http://0.0.0.0/"))
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.IdentityModel;
using System.IdentityModel.Selectors;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.ServiceModel.Security;
using System.ServiceModel.Description;
namespace StackOverflow
{
public class AuthenticatedWebServiceHost : WebServiceHost
{
public AuthenticatedWebServiceHost(Type type, Uri url)
{
IDictionary<string, ContractDescription> desc = null;
base.InitializeDescription(type, new UriSchemeKeyedCollection());
base.CreateDescription(out desc);
var val = desc.Values.First();
WebHttpBinding binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
base.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
base.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new CustomUserNamePasswordValidator();
base.AddServiceEndpoint(val.ContractType, binding, url);
}
//Possible next question:
//"How can I get the name of the authenticated user?"
public static string UserName
{
get
{
if (OperationContext.Current == null) return null;
if (OperationContext.Current.ServiceSecurityContext == null) return null;
if (OperationContext.Current.ServiceSecurityContext.PrimaryIdentity == null) return null;
return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name;
}
}
public class CustomUserNamePasswordValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
//Your logic to validate username/password
if (userName != password)
throw new SecurityAccessDeniedException();
}
}
}
}
答案 1 :(得分:0)
I4V提供的答案就像一个咒语一样,转换为VB,并复制到下面,以防万一在花费大量时间搜索网络后将来有人需要它。
要调用的行是根据I4V提供的代码。
Dim varWebService = New AuthenticatedWebServiceHost(GetType(MyWebService), New Uri("http://0.0.0.0/"))
VB.Net代码
Imports System.IdentityModel.Selectors
Imports System.ServiceModel
Imports System.ServiceModel.Description
Imports System.ServiceModel.Security
Imports System.ServiceModel.Web
Public Class AuthenticatedWebServiceHost
Inherits WebServiceHost
Public Sub New(ByVal type As Type, ByVal url As Uri)
Dim desc As IDictionary(Of String, ContractDescription) = Nothing
MyBase.InitializeDescription(type, New UriSchemeKeyedCollection())
MyBase.CreateDescription(desc)
Dim val = desc.Values.First()
Dim binding As WebHttpBinding = New WebHttpBinding()
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic
MyBase.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom
MyBase.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = New CustomUserNamePasswordValidator()
MyBase.AddServiceEndpoint(val.ContractType, binding, url)
End Sub
Public Shared ReadOnly Property UserName As String
Get
If OperationContext.Current Is Nothing Then Return Nothing
If OperationContext.Current.ServiceSecurityContext Is Nothing Then Return Nothing
If OperationContext.Current.ServiceSecurityContext.PrimaryIdentity Is Nothing Then Return Nothing
Return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name
End Get
End Property
Public Class CustomUserNamePasswordValidator
Inherits UserNamePasswordValidator
Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
If userName <> password Then Throw New SecurityAccessDeniedException()
End Sub
End Class
End Class
答案 2 :(得分:0)
Shaydo,你是最棒的!谢谢!这就是我搜索了数周! 我扩展了vb代码,以便与https一起使用: VB.NET:
Public Class AuthenticatedWebServiceHost
Inherits WebServiceHost
Public Sub New(ByVal type As Type, ByVal url As Uri, MyThumbprint As String)
Dim desc As IDictionary(Of String, ContractDescription) = Nothing
MyBase.InitializeDescription(type, New UriSchemeKeyedCollection())
MyBase.CreateDescription(desc)
Dim val = desc.Values.First()
Dim binding As WebHttpBinding = New WebHttpBinding()
'binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly
binding.Security.Mode = BasicHttpsSecurityMode.TransportWithMessageCredential
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic
MyBase.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom
MyBase.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = New CustomUserNamePasswordValidator()
MyBase.Credentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My, System.Security.Cryptography.X509Certificates.X509FindType.FindByThumbprint, MyThumbprint)
MyBase.AddServiceEndpoint(val.ContractType, binding, url)
End Sub
Public Shared ReadOnly Property UserName As String
Get
If OperationContext.Current Is Nothing Then Return Nothing
If OperationContext.Current.ServiceSecurityContext Is Nothing Then Return Nothing
If OperationContext.Current.ServiceSecurityContext.PrimaryIdentity Is Nothing Then Return Nothing
Return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name
End Get
End Property
Public Class CustomUserNamePasswordValidator
Inherits UserNamePasswordValidator
Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
If userName <> password Then
Console.WriteLine("Error: Access denied")
Throw New SecurityAccessDeniedException()
End If
End Sub
End Class
End Class
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?