像往常一样,试图找到好的例子来做我想要的事情证明是困难的。
我在.NET 4.5中编写了一个简化配置的WCF服务,所以配置文件中没有服务部分。
我想提供SOAP和REST API。我还需要通过用户名和密码来限制访问,并且我编写了一个派生自UserNamePasswordValidator的类来处理这个问题。
通过将服务引用导入桌面应用程序,我可以使用以下代码调用该服务:
var svc = new MyUserService.UserServiceClient();
svc.ClientCredentials.UserName.UserName = "TestApp";
svc.ClientCredentials.UserName.Password = "******";
我希望能够使用以下内容从Javascript调用该服务:
$.ajax({
url: 'https://domain.userservice.svc',
type: 'GET',
contentType: "application/json",
success: function(data){
},
data: requestData,
headers: {
User: "TestApp",
Password: "********"
}
});
到目前为止,这是配置文件,SOAP服务正在运行。
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBindingConfig">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyAuthenticationModule.Security.WcfUsernameValidator, MyAuthenticationModule.Security" />
<serviceCertificate findValue="TestSelfSigned" storeLocation="LocalMachine" x509FindType="FindBySubjectName" storeName="My" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add scheme="http" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingConfig" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
盲目地关注网络上的例子,我最终得到了这个:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBindingConfig">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
<webHttpBinding>
<binding name="webHttpBindingJson">
<security mode="None" />
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyAuthenticationModule.Security.WcfUsernameValidator, MyAuthenticationModule.Security" />
<serviceCertificate findValue="TestSelfSigned" storeLocation="LocalMachine" x509FindType="FindBySubjectName" storeName="My" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
<endpointBehaviors>
<behavior name="jsonEndpointBehaviour">
<enableWebScript/>
</behavior>
<behavior name="poxEndpointBehaviour">
<webHttp/>
</behavior>
</endpointBehaviors>
</behaviors>
<protocolMapping>
<add scheme="http" binding="wsHttpBinding" bindingConfiguration="wsHttpBindingConfig" />
<add scheme="httpJson" binding="webHttpBinding" bindingConfiguration="webHttpBindingJson"/>
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
我不认为我离它太远,但我知道我不在那里。有人可以完成配置,还是指向正确的方向?我需要从JavaScript调用哪个URL?
如果我要添加Web API以支持REST服务,那么我可以通过在Global.asax中捕获请求来处理跨源问题。我将如何处理WFC服务中的角色。
还有一个额外的问题......我想在我的开发机器/密码验证上测试用户名而无需安装证书并转到https,稍后在部署的站点上应用https,但这看起来不太可能。我是对的吗?
感谢您的帮助...