我正在尝试使用自定义用户名和密码验证程序访问wcf服务。 在这种情况下,我有一个在.net 2.0中运行的win控制台应用程序和在.net 4.0中运行的wcf服务 在向服务添加Web引用之后,我可以调用该方法并在控制台中打印结果。
现在我想添加一些安全性.. 我是web / wcf服务认证过程的新手.. 在我做的第一个项目中,我使用的是soap标题,但在这种情况下,两者都在.net 4.0中运行。
我确实发现有一些方法可以做到这一点,但作为一个初学者,我想了解基本的方式,在这种情况下发送用户名和passoword,似乎是一个简单的方法来做到这一点.. 所以为了做到这一点,我需要创建一个扩展UserNamePasswordValidator的新类并覆盖方法validate
public override void Validate(string userName, string password)
{
if (userName != "teste")
throw new SecurityTokenException("Unknown Username or Password");
}
我遇到的问题是配置webservie的web配置文件以使用此自定义验证器。
这是我的web.config
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="secureHTPPS">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Services.CustomUserNamePasswordValidator, Services" />
</serviceCredentials>
<!-- To avoid disclosing metadata information, set the value below to false before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
在此之后,我应该能够在我的控制台中调用该服务 像这样
localhost.Service1 client = new ConsoleApplication1.localhost.Service1();
client.ClientCredentials.UserName.UserName = "yaron";
client.ClientCredentials.UserName.Password = "1234";
但在这种情况下,它在clientCredentials上给我错误,它缺少一个引用.. 但此参考仅适用于.net 3.0及以上版本...
想法是发送用户名和密码然后验证用户名,之后调用方法...
我该怎么做..
我遇到过这些问题而且我没有设法让它发挥作用......
所以我需要使用basichttpbinding,因为控制台应用程序和服务上框架使用的差异......
我需要配置iis才能使用https ...为此我确实遵循了这个例子: http://msdn.microsoft.com/en-us/library/hh556232.aspx
我按照此页面创建服务示例.. http://www.brhlavinka.com/2013/06/07/secure-wcf-service-with-basichttpbinding-and-custom-credentials/
这是我的web.config文件
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.serviceModel>
<services>
<service name="WcfService1.Service1"
behaviorConfiguration="Brett_Behavior">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="Brett_BindingConfiguration"
contract="WcfService1.IService1" />
<endpoint address="mex"
binding="mexHttpsBinding"
contract="IMetadataExchange" />
</service>
</services>
<bindings>
<basicHttpBinding>
<binding name="Brett_BindingConfiguration">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Brett_Behavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WcfService1.Auth, WcfService1"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<!--
To browse web app root directory during debugging, set the value below to true.
Set to false before deployment to avoid disclosing web app folder information.
-->
<directoryBrowse enabled="true"/>
</system.webServer>
</configuration>
当我选择service1.svc并尝试在浏览器中查看时,它现在给我这个错误:
无法使用绑定BasicHttpBinding找到端点的匹配方案https基址。注册的基地址方案是[http]。
我需要做什么?