我正在使用WCF服务,该服务使用“传输”绑定进行通信,使用证书进行身份验证。
我的服务托管在IIS中。我必须覆盖WCF / IIS的默认身份验证并编写自定义实现。
我实现了自定义X509验证程序,但Api调用甚至没有到达验证程序并在此之前失败。
有没有办法覆盖默认的身份验证行为?
配置: -
<service name="MyService" behaviorConfiguration="MyServiceBehavior">
<endpoint binding="basicHttpBinding" bindingConfiguration="testBinding"
contract="MyService"/>
</service>
<basicHttpBinding>
<binding name="testBinding"
maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
</security>
</binding>
</basicHttpBinding>
<serviceBehaviors>
<behavior name="MyServiceBehavior">
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="Custom"
customCertificateValidatorType="TestCertificateValidation
,MyService"/>
</clientCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
自定义验证器: -
public class TestCertificateValidation : X509CertificateValidator
{
public override void Validate(X509Certificate2 certificate)
{
return;
}
}
先谢谢。