WCF自定义身份验证不起作用

时间:2010-12-17 19:11:00

标签: c# .net wcf authentication wcf-security

尝试为wcf服务实现简单的“用户名”/“密码”身份验证。但它只是不起作用。没有错误/例外。 这是Web配置代码:

    <?xml version="1.0"?>
    <configuration>     
        <system.web>
            <compilation debug="true" targetFramework="4.0"/>
            <customErrors mode="Off"/>
        </system.web>
        <system.serviceModel>
      <services>
      <service name="XYZService"
               behaviorConfiguration="XYZBehavior">        
        <!-- use base address specified above, provide one endpoint -->
        <endpoint address=""
                  binding="basicHttpBinding"
                  bindingConfiguration="XYZBinding"
                  contract="IXYZService" />
        <!--<endpoint address="mex"
                  binding="mexHttpBinding"
                  contract="IMetadataExchange" />-->
      </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="XYZBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Basic" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
        <behaviors>
                <serviceBehaviors>
                    <behavior>
                        <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                        <serviceMetadata httpGetEnabled="true"/>
                        <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                        <serviceDebug includeExceptionDetailInFaults="true"/>
                        <serviceCredentials>
                            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="XYZBinding.LicensingServer.CCustomValidatorClass, XYZBinding.LicensingServer"/>
                        </serviceCredentials>
                    </behavior>
                </serviceBehaviors>
            </behaviors>
            <serviceHostingEnvironment multipleSiteBindingsEnabled="true"/>
        </system.serviceModel>
        <system.webServer>
            <modules runAllManagedModulesForAllRequests="true"/>
        </system.webServer>
    </configuration>

验证码:

public class CCustomValidatorClass : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if(userName != "Test" || password != "1234567")
            {
                throw new FaultException("The provided credentials are invalid.");
            }
        }
    }

没有错误或例外。我可以调用该服务并在没有任何凭据的情况下执行。在本地调试时,从不命中验证方法。

我不知道错过了什么。

1 个答案:

答案 0 :(得分:-1)

服务是否在IIS中托管?如果是这样,则可能不支持此操作,因为IIS执行传输身份验证。 http://msdn.microsoft.com/en-us/library/aa702565.aspx

相关问题
最新问题