Unity IoC + WCF + wsHTTPBinding +证书授权

时间:2011-08-31 21:03:23

标签: asp.net-mvc wcf asp.net-mvc-3 unity-container wcf-security

我在IIS上有两个用于开发的应用程序。第一个包含所有逻辑和与数据库通信的WCF应用程序(我们称之为服务器)。另一个引用WCF应用程序的ASP.NET MVC 3应用程序(我们称之为客户端)。

我遇到了将WCF web.config配置与Unity IoC自定义服务主机和自定义行为混合的问题。

当所有配置由Unity完成时,它会创建简单的BasicHttpBinding,但我的要求是使用证书授权使其安全,所以我需要wsHTTPBinding。

-------------为BasicHttpBinding配置------------

首先看一下WCF的常见Unity实现:

internal class UnityInstanceProvider :  IInstanceProvider
{
    private readonly IUnityContainer container;
    private readonly Type contractType;

    public UnityInstanceProvider(
        [NotNull] IUnityContainer container, 
        [NotNull] Type contractType)
    {
        this.container = container;
        this.contractType = contractType;
    }

    #region IInstanceProvider Members

    public object GetInstance(InstanceContext instanceContext)
    {
        return GetInstance(instanceContext, null);
    }

    public object GetInstance(InstanceContext instanceContext, Message message)
    {
        return container.Resolve(contractType);
    }

    public void ReleaseInstance(InstanceContext instanceContext, object instance)
    {
        container.Teardown(instance);
    }
}

internal class UnityServiceBehavior : IServiceBehavior
{
    private readonly IUnityContainer container;

    public UnityServiceBehavior(
        [NotNull] IUnityContainer container)
    {
        this.container = container;
    }

    #region IServiceBehavior Members

    public void Validate(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
    {
    }

    public void AddBindingParameters(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase, Collection<ServiceEndpoint> endpoints, BindingParameterCollection bindingParameters)
    {

    }

    public void ApplyDispatchBehavior(ServiceDescription serviceDescription, ServiceHostBase serviceHostBase)
    {
        foreach (ChannelDispatcher channelDispatcher in serviceHostBase.ChannelDispatchers)
        {
            foreach (EndpointDispatcher endpointDispatcher in channelDispatcher.Endpoints)
            {
                if (endpointDispatcher.ContractName != "IMetadataExchange")
                {
                    endpointDispatcher.DispatchRuntime.InstanceProvider = new UnityInstanceProvider(container, serviceDescription.ServiceType);



                }
            }
        }
    }

    #endregion
}

public class UnityServiceHost : ServiceHost
{
    private readonly IUnityContainer container;

    public UnityServiceHost(
        [NotNull] IUnityContainer container, 
        [NotNull] Type serviceType, 
        Uri[] baseAddresses)
        : base(serviceType, baseAddresses)
    {
        this.container = container;
    }

    protected override void OnOpening()
    {
        base.OnOpening();
        if (Description.Behaviors.Find<UnityServiceBehavior>() == null)
        {
            Description.Behaviors.Add(new UnityServiceBehavior(container));
        }
    }
}

public class UnityServiceHostFactory : ServiceHostFactory
{
    protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)
    {
        IUnityContainer container = new UnityContainer();
        UnityContainerConfigurator.Configure(container);
        return new UnityServiceHost(container, serviceType, baseAddresses);
    }
}

WCF应用程序web.config仅包含基本信息: 无端点,无服务定义。

现在假设我们的SecurityService具有定义:

<%@ ServiceHost Language="C#" Debug="true" 
Service="myNamespace.SecurityService" 
Factory="myNamespace.UnityServiceHostFactory" %>

现在我可以将SecurityService的服务引用添加到我的客户端。 它在客户端web.config中生成的这一步:

<basicHttpBinding>
<binding name="BasicHttpBinding_ISecurityService" closeTimeout="00:01:00"
 openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
 allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
 maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
 messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
 useDefaultWebProxy="true">
 <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
  maxBytesPerRead="4096" maxNameTableCharCount="16384" />
 <security mode="None">
  <transport clientCredentialType="None" proxyCredentialType="None"
   realm="" />
  <message clientCredentialType="UserName" algorithmSuite="Default" />
 </security>
</binding>

<endpoint address="http://localhost/wcf-app/SecurityService.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISecurityService"
contract="SecurityServiceReference.ISecurityService" name="BasicHttpBinding_ISecurityService" />

此时我为Unity配置了这个:

container.RegisterType<SecurityServiceClient>(new InjectionConstructor());

在客户端应用程序中,我可以简单地使用它(我在这里没有提到构造函数注入):

var securityService = DependencyResolver.Current.GetService<SecurityServiceClient>();

这一切都有效!但如果我想使用wsHTTPBinding那就不行......

-------------为wsHTTPBinding配置------------

要启用wsHTTPBinding,我在WCF Application的web.config中配置了它。作为BasicHttpBinding的其余部分,它不包含任何有关绑定,endpoin等的信息。

但是现在对于wsHTTPBinding我添加了:

<bindings>
  <wsHttpBinding>
    <binding name="wsHttpEndpointBinding">
      <security>
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

<services>   
  <service behaviorConfiguration="ServiceBehavior" name="myNamespace.SecurityService">
    <endpoint address="" binding="wsHttpBinding"
      bindingConfiguration="wsHttpEndpointBinding"
      name="wsHttpEndpoint" contract="myNamespace.ISecurityService">
    </endpoint>
    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
  </service>
</services>

<behaviors>
  <serviceBehaviors>
    <behavior name="ServiceBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
      <serviceCredentials>
        <serviceCertificate findValue="CN=myClientCert" />
      </serviceCredentials>
    </behavior>
  </serviceBehaviors>
</behaviors>

在向客户端应用程序添加服务引用后,它会生成:

<wsHttpBinding>
<binding name="wsHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
 receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
 transactionFlow="false" hostNameComparisonMode="StrongWildcard"
 maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
 textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
 <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
  maxBytesPerRead="4096" maxNameTableCharCount="16384" />
 <reliableSession ordered="true" inactivityTimeout="00:10:00"
  enabled="false" />
 <security mode="Message">
  <transport clientCredentialType="Windows" proxyCredentialType="None"
   realm="" />
  <message clientCredentialType="Certificate" negotiateServiceCredential="true"
   algorithmSuite="Default" />
 </security>
</binding>

                   

我手动添加了behaviorConfiguration =“CertBehavior”,即:

<behaviors>
 <endpointBehaviors>
   <behavior name="CertBehavior">
     <clientCredentials>
       <clientCertificate findValue="CN=myClientCert"/>
     </clientCredentials>
   </behavior>
 </endpointBehaviors>

现在,当我想使用Unity解决它时:

var securityService = DependencyResolver.Current.GetService<SecurityServiceClient>();

我总是空的......

当我通过以下方式创建简单的实例时,有什么好笑的?

var client = new SecurityServiceReference.SecurityServiceClient();

它运行正常...所以肯定问题与错误的wsHttpBinding配置无关,而是将web +config中的Unity + wsHttpBinding结合起来......

任何人都可以帮我解决这个问题吗?

丹尼尔

1 个答案:

答案 0 :(得分:1)

好的,我明白了。

拉迪斯拉夫你是对的,它应该显示例外。 UnityDependencyResolver只是抓住了它。

internal class UnityDependencyResolver : IDependencyResolver
{
    private readonly IUnityContainer container;

    public UnityDependencyResolver([NotNull] IUnityContainer container)
    {
        this.container = container;
    }

    #region IDependencyResolver Members

    public object GetService(Type serviceType)
    {
        try
        {
            return container.Resolve(serviceType);
        }
        catch
        {
            return null;
        }
    }

    public IEnumerable<object> GetServices(Type serviceType)
    {
        try
        {
            return container.ResolveAll(serviceType);
        }
        catch
        {
            return new List<object>();
        }
    }

我还必须明确设置证书的证书位置:

<serviceCertificate findValue="CN=myClientCert"
                            storeName="My"
                            x509FindType="FindBySubjectDistinguishedName"
                            storeLocation="LocalMachine"
                            />

<clientCertificate findValue="CN=myClientCert" storeName="My"
                            x509FindType="FindBySubjectDistinguishedName"
                            storeLocation="LocalMachine"
                            />

现在工作正常。