我创建了一个带有多个接口的WCF服务。这一次为多个用户服务。
我是否需要更改ServiceContract或ServiceBehaviour中的任何内容以确保两个客户端之间没有“交叉”?
ServiceContract留空,但我的.svc中的ServiceBehaviour是这样的:
<ServiceBehavior(InstanceContextMode:=InstanceContextMode.PerCall, AutomaticSessionShutdown:=True,
ConcurrencyMode:=ConcurrencyMode.Single, IncludeExceptionDetailInFaults:=True)>
非常感谢任何帮助。
验证:
Imports System.Data.SqlClient
Imports System.IdentityModel.Selectors
Imports System.Reflection
Imports System.Security
Imports System.Threading
Imports DVPWCFService.Modules
Namespace Classes.Admin
Public Class Validation
Inherits UserNamePasswordValidator
Private _dbUsername As String
Private _dbPassword As SecureString
Public Overrides Sub Validate(userName As String, password As String)
Try
_dbUsername = userName
_dbPassword = ConvertToSecureString(password)
DbUsername = userName
DbPassword = ConvertToSecureString(password)
Dim dummyConnectionForValidation As SqlConnection = LogInTry("A real server name")
dummyConnectionForValidation.Close()
dummyConnectionForValidation.Dispose()
Catch ex As Exception
If ex.GetType Is GetType(SqlException) Then
DVPEventLog.WriteEntry("Authentication has failed for user: '" + userName + "'", EventLogEntryType.Warning)
Else
DVPEventLog.WriteEntry("Error: " & ex.Message & Environment.NewLine & Environment.NewLine & "Stack Trace: " & ex.StackTrace & Environment.NewLine & Environment.NewLine & "Method Name: " & MethodBase.GetCurrentMethod.Name, EventLogEntryType.Error, EventLogEntryType.Error)
End If
Thread.Sleep(5000)
Throw New FaultException("Log in failed.")
End Try
End Sub
Private Function LogInTry(serverName As String) As SqlConnection
LogInTry = New SqlConnection
LogInTry.ConnectionString = "Data Source=" & serverName & ";Persist Security Info=True;MultipleActiveResultSets=True;"
LogInTry.FireInfoMessageEventOnUserErrors = True
LogInTry.Credential = New SqlCredential(_dbUsername, _dbPassword)
LogInTry.Open()
End Function
Private Function ConvertToSecureString(convertee As String) As SecureString
ConvertToSecureString = New SecureString()
For Each stringCharacter In convertee.ToCharArray()
ConvertToSecureString.AppendChar(stringCharacter)
Next
ConvertToSecureString.MakeReadOnly()
End Function
End Class
End Namespace
Web配置:
<?xml version="1.0"?>
<configuration>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2"/>
</system.web>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="SSL Binding" openTimeout="00:00:20" receiveTimeout="08:00:00" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="2147483647"
maxBytesPerRead="4096" maxNameTableCharCount="2147483647" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" algorithmSuite="TripleDesSha256Rsa15" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="Custom Validation Service Behavior" name="DVPWCFService.DVP">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL Binding"
name="IComponent" contract="DVPWCFService.Interfaces.IComponent" />
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL Binding"
name="IProgramme" contract="DVPWCFService.Interfaces.IProgramme" />
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL Binding"
name="IVehicle" contract="DVPWCFService.Interfaces.IVehicle" />
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL Binding"
name="IMiscellaneous" contract="DVPWCFService.Interfaces.IMiscellaneous" />
<endpoint address="mex" binding="mexHttpsBinding" name="metadata"
contract="IMetadataExchange" />
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL Binding"
name="IReservation" contract="DVPWCFService.Interfaces.IReservation" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Custom Validation Service Behavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug httpHelpPageEnabled="true" httpsHelpPageEnabled="true"
includeExceptionDetailInFaults="true" />
<serviceCredentials>
<serviceCertificate findValue="blahblahblah"
x509FindType="FindByThumbprint" />
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="DVPWCFService.Classes.Admin.Validation, DVPWCFService"/>
</serviceCredentials>
<dataContractSerializer />
<serviceThrottling maxConcurrentCalls="10" maxConcurrentSessions="10" maxConcurrentInstances="1" />
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="wsHttpBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="false" multipleSiteBindingsEnabled="false" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="false"/>
</system.webServer>
</configuration>
答案 0 :(得分:0)
因此,经过几个小时的挖掘,强制它在每次调用时进行身份验证,因此不会干预其他情境,我将其置于绑定中:
<message clientCredentialType="UserName"
algorithmSuite="TripleDesSha256Rsa15"
establishSecurityContext="false" />
重要位是 establishSecurityContext =“false”,默认值为true,因此它会记住上次建立的登录,当您将其设置为false时,它会在每次调用时重新进行身份验证。为了提高效率,您需要使用您的身份验证代码。