使用用户名和密码时,WCF服务有点新功能。我按照http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti上的教程进行操作,以便使用用户名和密码保护我的Web服务。
我的配置文件在
下面<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<compilation debug="false" targetFramework="4.5" />
<httpRuntime targetFramework="4.5" />
</system.web>
<system.serviceModel>
<services>
<service behaviorConfiguration="NewBehavior0" name="TService">
<endpoint address="mex" binding="mexHttpBinding" contract="ITechnology" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="NewBinding0">
<security>
<message clientCredentialType="Certificate" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="NewBehavior0">
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust" />
</clientCertificate>
<serviceCertificate findValue="Server" storeLocation="CurrentUser"
storeName="TrustedPeople" x509FindType="FindBySubjectName" />
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="TService, Services1"/>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<directoryBrowse enabled="true" />
</system.webServer>
</configuration>
现在我可以在浏览器中查看WDSL,我知道证书在本地按预期工作。当我使用WCF测试工具连接到服务时,它不会提示我输入用户名和密码。
根据我发布的链接,我甚至没有完成最后一步(添加代码以传递用户名和密码),但我仍然可以连接到服务并检索所有数据。
我错过了哪些内容以及如何限制只有用户名和密码才能让用户/服务检索数据的服务?
编辑1:
<system.serviceModel>
<services>
<service behaviorConfiguration="NewBehavior0" name="TechService">
<endpoint address="mex" binding="mexHttpBinding" contract="ITechService" />
<endpoint address="TechService.svc" binding="wsHttpBinding" bindingConfiguration="" contract="ITechService" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="NewBinding0">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="NewBehavior0">
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="PeerTrust" />
</clientCertificate>
<serviceCertificate findValue="Server" storeLocation="CurrentUser"
storeName="TrustedPeople" x509FindType="FindBySubjectName" />
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="TechService, Services1"/>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<directoryBrowse enabled="true" />
</system.webServer>
</configuration>
答案 0 :(得分:1)
基于对链接的CodeProject页面的快速回顾,您的配置文件似乎有点过时(因为它并不表示任何端点实际上使用的是客户端凭据类型)。
“NewBinding0”指定clientCredentialType =“Certificate”,但文章指出该值应为:
<binding name="NewBinding0">
<security mode="Message">
<message clientCredentialType="UserName"/>
</security>
</binding>
此外,服务定义仅定义“mex”(元数据)端点。您很可能希望定义一个wsHttpBinding ..端点,该端点使用指定clientCredentialType =“UserName”的更正绑定。
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="NewBinding0"/>
希望这有帮助。
问候,