我正在尝试使用WCF服务扩展现有的ASP.NET应用程序。该服务必须通过与站点其余部分使用的相同成员资格提供程序进行身份验证。
这是web.config文件:
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" />
<authentication mode="Forms">
<forms name=".MyAppAuthentication" timeout="5760" slidingExpiration="true" />
</authentication>
<roleManager enabled="true" defaultProvider="AspNetSqlRoleProvider">
<providers>
<clear />
<add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="UsersContext" applicationName="MyApp" />
</providers>
</roleManager>
<membership defaultProvider="AspNetSqlMembershipProvider">
<providers>
<clear/>
<add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="UsersContext" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="10" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="MyApp"/>
</providers>
</membership>
</system.web>
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
<bindings>
<wsHttpBinding>
<binding name="MembershipBinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="MembershipBehaviour">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceAuthorization roleProviderName="AspNetSqlRoleProvider" principalPermissionMode="UseAspNetRoles" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="AspNetSqlMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="ServiceTestBackend.Services.TestService" behaviorConfiguration="MembershipBehaviour">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="MembershipBinding" contract="ServiceTestBackend.Services.ITestService" />
</service>
</services>
</system.serviceModel>
<connectionStrings>
<add name="UsersContext" connectionString="data source=.;initial catalog=MyApp.Accounts;integrated security=True;MultipleActiveResultSets=True;App=EntityFramework" providerName="System.Data.SqlClient" />
</connectionStrings>
</configuration>
服务代码非常简单:
public class TestService : ITestService
{
public string FindUser()
{
var user = Membership.GetUser();
return user.UserName;
}
}
客户端就是这么简单
var client = new TestService.TestServiceClient();
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";
var acc = client.FindUser();
调用服务器,但该方法失败,因为Membership.GetUser()返回null。
我在配置中遗漏了什么吗?
答案 0 :(得分:0)
我认为这里有一些混乱。我不确定你想要做什么。通过这样做,你可以使这变得非常简单。
public class TestService : ITestService
{
public string FindUser(string userName, string password)
{
var user = Membership.GetUser(username, password);
return (user!=null?user.userName: string.Empty);
}
}
您的客户应该是这样的;
using(var client = new TestService.TestServiceClient())
{
var response = client.FindUser(username, password);
//validate the response
}
答案 1 :(得分:0)
public string FindUser()
{
if (ServiceSecurityContext.Current != null)
return ServiceSecurityContext.Current.PrimaryIdentity.Name;
return null;
}
IPrincipal principal = Thread.CurrentPrincipal;
String user = principal.Identity.Name
HttContext.Current.User或Membership.GetUser()获取名称 - 因为您有很多现有代码 - 您可以编写自定义模块进行身份验证:看看我的帖子:https://stackoverflow.com/a/33523683/5295797
并仔细阅读模块的实施部分
还有一个完整的项目可以从该帖子的链接下载。
此致