Question

我一直试图让这个工作几个小时，但没有运气。我正在尝试创建一个具有验证的WCF Web服务。我希望服务的消费者需要这样做：

ServiceReference1.XServiceClient client = new ServiceReference1.XServiceClient();
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";

之前他可以调用任何服务方法。我发现我必须创建一个CustomUserNamePasswordValidator，因此我在解决方案中创建了类库项目以包含Custom Validator类。我只想验证它是否有效。

namespace XServices
{
    public class CustomUserNameValidator : UserNamePasswordValidator
    {
        public override void Validate(string username, string password)
        {
            if (!(username == "test" && password == "password"))
            {
                throw new FaultException("Invalid username or password!");
            } 
        }
    }
}

然后我尝试对WCF项目中的web.config文件进行必要的更改以支持它。不幸的是，这是我第一次遇到麻烦的地方。

这是我现在的web.config文件。

<?xml version="1.0"?>
<configuration>
  <connectionStrings>
    <!-- connection strings ommitted for security reasons -->
  </connectionStrings>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <customErrors mode="Off"/>
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true"/>
        </behavior>
        <behavior name="CustomValidator">
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CustomUserNameValidator.XServices.CustomUserNameValidator, CustomUserNameValidator"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding name="Binding1">
          <security mode="Message">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

MSDN文档非常清楚customUserNamePasswordValidatorType的工作原理。示例https://msdn.microsoft.com/en-us/library/aa702565(v=vs.110).aspx完全掩盖了它，所以我不知道我是否做得正确。更糟糕的是，如果您为该参数添加的内容不正确，则不会引发错误。它只是默默地忽略它。简而言之，我的自定义验证器的Validate方法没有被调用。我无法弄清楚为什么，我找不到任何在谷歌搜索后工作的东西。请帮忙。

Answer 1

在您的服务配置中，您忘记将serviceBehavior与您的服务相关联。因此，您的服务对您的自定义验证器一无所知。

缺少以下部分：

<services>
    <service behaviorConfiguration="CustomValidator" name="ServiceName...">
    <endpoint name="EndpointName..." bindingConfiguration="Binding1" address="..." binding="wsHttpBinding" contract="..." />
    </service>
</services>

如何使我的CustomUserNamePasswordValidator工作

1 个答案: