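WCF custom userNamePasswordValidationMode not working in IIS Express

Time: 2014-04-16 08:05:31

Tags: wcf ssl iis-express

I am trying to create a secure WCF service using a custom userNamePasswordValidationMode, but I have been running into problems (for three days). My environment is Visual Studio 2012, .NET 4.0, IIS Express. My service model on the host is: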

<system.serviceModel>
    <bindings >
      <wsHttpBinding>
        <binding maxReceivedMessageSize="65536" name="WsHttpBinding_ISurveyService">
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName"/>
          </security>
          <readerQuotas   maxArrayLength="65536"
                          maxBytesPerRead="65536"
                          maxStringContentLength="65536"/>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <!--name= "namespace.serviceClass"-->
      <service name="Rids.Services.SurveyService" behaviorConfiguration="Rids.WcfHost.ServiceBehavior" >
        <!--contract= "namespace.serviceClass"-->
        <endpoint address=""
                  binding="wsHttpBinding"
                  bindingConfiguration="WsHttpBinding_ISurveyService"
                  contract= "Rids.Services.ISurveyService">
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
        <host>
          <baseAddresses>
            <add baseAddress="https://localhost" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="Rids.WcfHost.ServiceBehavior">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="false" />
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <clientCertificate>
              <authentication certificateValidationMode="None" />
            </clientCertificate>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
                                    customUserNamePasswordValidatorType="Rids.WcfHost.ServiceUserValidator,Rids.WcfHost"/>

            <!--Specify the Certificate-->
            <serviceCertificate    findValue="rids_2014.04.15"
                               storeLocation="LocalMachine"
                                x509FindType="FindBySubjectName"
                                   storeName="My"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

When I try to add this service to the client, it cannot read the metadata and gives the following error:

There was an error downloading 'https://localhost:44300/SurveyService.svc/_vti_bin/ListData.svc/$metadata'.
Unable to connect to the remote server
Hedef makine etkin olarak reddettiğinden bağlantı kurulamadı 127.0.0.1:44300
Metadata contains a reference that cannot be resolved: 'https://localhost:44300/SurveyService.svc'.
There was no endpoint listening at https://localhost:44300/SurveyService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Unable to connect to the remote server
Hedef makine etkin olarak reddettiğinden bağlantı kurulamadı 127.0.0.1:44300
If the service is defined in the current solution, try building the solution and adding the service reference again.

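But if I remove the name tag from the behavior (the name="Rids.WcfHost.ServiceBehavior" part) and the behaviorConfiguration tag from the service (the behaviorConfiguration="Rids.WcfHost.ServiceBehavior" part), then I can add the service (https://localhost:44300/SurveyService.svc) to the client without any error. This does not solve my problem either.

After adding the service to the client, the client service model looks like this: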

<system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBinding_ISurveyService" />
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost:11067/SurveyService.svc"
        binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISurveyService"
        contract="Survey.ISurveyService" name="BasicHttpBinding_ISurveyService" />
    </client>
</system.serviceModel>

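The problems I see are:

  1. Although my service binding configuration is wsHttpBinding, the client service model sees basicHttpBinding.
  2. Although I added the service at the path https://localhost:44300/SurveyService.svc, the client service model does not see the SSL address.
  3. If the service has the behaviorConfiguration tag and the behavior has a name tag in the host configuration, the service cannot be added to the client.
  4. The custom userNamePasswordValidationMode does not work: even when I add the service to the client without error, the service does not see the validation class or the validation method. It can be used without validation.
  5. Note: the service host project's "SSL Enabled" property is True; in the project configuration, the URL is set to https://localhost:44300/

    I am stuck. Any suggestions or solutions? Thanks in advance.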

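1 answer:

Answer 0: (score: 3)

I learned how to solve this problem. I built it using the EditWcfConfiguration tool in Visual Studio 2012, as described below.

First, set the "SSL Enabled" property to true in the host project's properties. Under this property, the SSL URL is generated automatically (e.g. "https://localhost:44300/"). Then right-click the host project and select Properties. On the Web tab of the project properties, check "Use Local IIS Web server", then check "Use IIS Express".

- In the host project, right-click the WebConfig and select EditWcfConfiguration

In EditWcfConfiguration, first add the service, then add a binding for the service endpoint, then add the service behavior.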

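1- Add the service

  • Browse to the service type in the host's bin folder
  • Select HTTP as the communication mode
  • Select Advanced Web Services interoperability, with simplex communication
  • Leave the address empty
  • After adding the behavior configuration, select the BehaviorConfiguration
  • After adding the binding configuration, open the service endpoint and select the binding (customBinding) and the bindingConfiguration

2- Add a custom binding

  • Rename the binding, to be used in the service's BehaviorConfiguration attribute (e.g. 'custom_binding').
  • Add the security and httpsTransport tags.
  • Under the security tag, set "AuthenticationMode" to "UserNameOverTransport".

3- In the "Advanced/Service Behaviors" folder, add a new service behavior configuration

  • Rename the behavior, to be used in the service endpoint's BindingConfiguration attribute (e.g. safe_behavior).
  • Add the serviceCredentials, serviceMetadata and serviceDebug tags.
  • For the serviceCredentials tag attributes:

    a-) Set customUserNamePasswordValidatorType to the validator class and its namespace (e.g. 'Rids.WcfHost.ServiceUserValidator,Rids.WcfHost')

    b-) Set userNamePasswordValidationMode to Custom

  • For the clientCertificate tag (under the serviceCredentials tag) attributes, set certificateValidationMode to None and revocationMode to NoCheck

  • For the serviceMetadata tag attributes, set HttpsGetEnabled to True
  • For the serviceDebug tag attributes, set includeExceptionDetailInFaults to True

After completing these steps, the resulting service model is: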

<system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="safe_behavior">
          <serviceCredentials>
            <clientCertificate>
              <authentication certificateValidationMode="None" revocationMode="NoCheck" />
            </clientCertificate>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
              customUserNamePasswordValidatorType="Rids.WcfHost.ServiceUserValidator, Rids.WcfHost" />
          </serviceCredentials>
          <serviceMetadata httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <customBinding>
        <binding name="custom_binding">
          <security authenticationMode="UserNameOverTransport" />
          <httpsTransport />
        </binding>
      </customBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="safe_behavior" name="Rids.Services.Services.SurveyService">
        <endpoint address="" binding="customBinding"
          bindingConfiguration="custom_binding" contract="Rids.Services.Services.ISurveyService" />
      </service>
    </services>
  </system.serviceModel>
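
The configuration above names Rids.WcfHost.ServiceUserValidator in customUserNamePasswordValidatorType, but the page never shows that class. The following is an added example of such a validator, not the poster's code; the account name, password, salt and PBKDF2 iteration count are constructed for illustration.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.Text;

namespace Rids.WcfHost
{
    // Hypothetical body for the type named in customUserNamePasswordValidatorType.
    public class ServiceUserValidator : UserNamePasswordValidator
    {
        private const int Iterations = 100000; // assumed work factor

        // Constructed sample account; a real service loads salt and hash from its user store.
        private const string SampleUser = "survey_client";
        private static readonly byte[] SampleSalt = Encoding.ASCII.GetBytes("constructed-salt");
        private static readonly byte[] SampleHash = Derive("constructed-sample-password", SampleSalt);

        // WCF calls this for every message carrying a UserName token, before the operation runs.
        public override void Validate(string userName, string password)
        {
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
                throw new SecurityTokenException("Invalid credentials.");

            bool userOk = string.Equals(userName, SampleUser, StringComparison.Ordinal);
            // Always derive the hash, so an unknown user costs the same as a known one.
            bool hashOk = FixedTimeEquals(Derive(password, SampleSalt), SampleHash);

            // Same message for both failures, so the caller cannot tell which field was wrong.
            if (!(userOk & hashOk))
                throw new SecurityTokenException("Invalid credentials.");
        }

        private static byte[] Derive(string password, byte[] salt)
        {
            using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
                return kdf.GetBytes(32);
        }

        // Compares every byte regardless of where the first difference is.
        private static bool FixedTimeEquals(byte[] a, byte[] b)
        {
            if (a.Length != b.Length) return false;
            int diff = 0;
            for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
            return diff == 0;
        }
    }
}
```

WCF only calls Validate when the endpoint's binding requests a UserName credential and the name attribute of the service element matches the service class's full type name, so both have to line up with the configuration for this class to run.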