WCF 自定义身份验证提供程序

发布于 2024-10-01 01:09:53 字数 1552 浏览 8 评论 0原文

我正在(拼命地)尝试让客户身份验证提供商为我的 WCF 服务工作。到目前为止我有以下代码;

web.config

      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom"  customUserNamePasswordValidatorType="MyNamespace.CustomUserNameValidator, MyNamespace" />
      </serviceCredentials>

     <wsHttpBinding>
    <binding name="wsHttpBindingConfig" >
      <security mode="Message">
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsHttpBinding>

      <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
    </behavior>
  </serviceBehaviors>

自定义验证器类;

public class CustomUserNameValidator : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        // have security details been provided?
        if (null == userName || null == password)
        {
            throw new ArgumentNullException();
        }

        // authenticate user
        if (!(userName == "test" && password == "test"))
        {
            // This throws an informative fault to the client.
            throw new FaultException("SecurityFailed");
        }
    }
}

一切都编译正常,但是当我使用 Visual Studio 中的 WCF 测试客户端调用名为 Ping 的方法(如下)时,自定义身份验证器永远不会被使用。 Ping 方法只会执行,并且我的 CustomUserNameValidator 类中的任何断点都会执行。

为什么会这样呢?感谢所有帮助。

I am trying (desperately) to get a customer authentication provider working for my WCF service. So far I have the following code;

web.config

      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom"  customUserNamePasswordValidatorType="MyNamespace.CustomUserNameValidator, MyNamespace" />
      </serviceCredentials>

     <wsHttpBinding>
    <binding name="wsHttpBindingConfig" >
      <security mode="Message">
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </wsHttpBinding>

      <serviceBehaviors>
    <behavior>
      <serviceMetadata httpGetEnabled="true"/>
      <serviceDebug includeExceptionDetailInFaults="true"/>
    </behavior>
  </serviceBehaviors>

Custom authenticator class;

public class CustomUserNameValidator : UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        // have security details been provided?
        if (null == userName || null == password)
        {
            throw new ArgumentNullException();
        }

        // authenticate user
        if (!(userName == "test" && password == "test"))
        {
            // This throws an informative fault to the client.
            throw new FaultException("SecurityFailed");
        }
    }
}

Everything compiles ok, but when I use the WCF test client from visual studio to call a method called Ping (below), the custom authenticator never gets used. The Ping method just executes and any breakpoint I have in my CustomUserNameValidator class.

Why would this be? All help appreciated.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

遥远的绿洲 2024-10-08 01:09:54

在具有类型第二部分的行中

customUserNamePasswordValidatorType="MyNamespace.CustomUserNameValidator, MyNamespace"

(当前具有“MyNamespace”)应该是包含该类型的程序集的名称,没有任何文件扩展名。

请参阅此问题获取更多帮助。

In the line where you have

customUserNamePasswordValidatorType="MyNamespace.CustomUserNameValidator, MyNamespace"

the second part of the type (you currently have "MyNamespace") should be the name of the assembly containing the type, without any file extension.

See this question for more help.

万劫不复 2024-10-08 01:09:54

一些建议。

  1. WCFTestClient 不是最好的应用程序。您最好使用 SOAPUI(可在 www.soapUI.org 下载)之类的工具。 WCFTestClient 不会导入所有配置设置,并且不是测试的最佳方法。
  2. 当我使用 CustomAuthentication 时,我像这样设置绑定:

    ;  
        <绑定名称=“wsHttpBindingConfig”>  
           <安全模式=“TransportWithMessageCredentials”>  
               
             
          
     
    

我假设您会喜欢某种形式的安全性。在您的计算机上使用自签名 SSL 证书进行测试非常简单。 此处提供了有关如何执行此操作的更多信息。

A few suggestions.

  1. The WCFTestClient is not the best application. You would be better off using a tool like SOAPUI (downloadable at www.soapUI.org). The WCFTestClient does not import all configuration settings and is not the best method for testing.
  2. When I use CustomAuthentication I set my binding up like this:

    <wsHttpBinding>  
        <binding name="wsHttpBindingConfig" >  
           <security mode="TransportWithMessageCredentials">  
             <message clientCredentialType="UserName" />  
           </security>  
        </binding>  
    </wsHttpBinding> 
    

I assume you will like some form of security down the line. Testing with a self signed SSL cert on your machine pretty easy. There is more information about how to do this here.

浪漫人生路 2024-10-08 01:09:54

我已获取您提供的所有信息并创建了一个模板 web.config。我想象它看起来像这样。

<system.serviceModel>
   <services>
     <service name="<YourNameSpace>.<ServiceName>" <behaviorConfiguration="<YourNameSpace>.<BehaviorName>">
      <endpoint
        address=""
        binding="wsHttpBinding"
        bindingConfiguration="wsHttpBindingConfig"
        contract="<YourNameSpace>.<ServiceInterface>"
      />
         <!--Notice the binding is mexHttpsBinding, default is http-->
      <endpoint 
        address="mex" 
        binding="mexHttpsBinding" 
        contract="IMetadataExchange" 
      />
     </service>
   </services>
<behaviors>
   <serviceBehaviors>
       <behavior name="<YourNameSpace>.<BehaviorName>">
          <!--Notice the httpsGetEnabled, default is http-->
      <serviceMetadata httpsGetEnabled="true"/>
           <serviceDebug includeExceptionDetailInFaults="false"/>
           <serviceCredentials>
              <userNameAuthentication
                 userNamePasswordValidationMode="Custom"                 
                 customUserNamePasswordValidatorType="<YourNameSpace>.CustomUserNameValidator, <YourNameSpace>"
              />
           </serviceCredentials>
       </behavior>
   </serviceBehaviors>
</behaviors>
<bindings>
  <wsHttpBinding>
    <binding name="wsHttpBindingConfig">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  <wsHttpBinding>
</bindings>

I've taken all of the information that you've provided and created a template web.config. I would envision it looking something like this.

<system.serviceModel>
   <services>
     <service name="<YourNameSpace>.<ServiceName>" <behaviorConfiguration="<YourNameSpace>.<BehaviorName>">
      <endpoint
        address=""
        binding="wsHttpBinding"
        bindingConfiguration="wsHttpBindingConfig"
        contract="<YourNameSpace>.<ServiceInterface>"
      />
         <!--Notice the binding is mexHttpsBinding, default is http-->
      <endpoint 
        address="mex" 
        binding="mexHttpsBinding" 
        contract="IMetadataExchange" 
      />
     </service>
   </services>
<behaviors>
   <serviceBehaviors>
       <behavior name="<YourNameSpace>.<BehaviorName>">
          <!--Notice the httpsGetEnabled, default is http-->
      <serviceMetadata httpsGetEnabled="true"/>
           <serviceDebug includeExceptionDetailInFaults="false"/>
           <serviceCredentials>
              <userNameAuthentication
                 userNamePasswordValidationMode="Custom"                 
                 customUserNamePasswordValidatorType="<YourNameSpace>.CustomUserNameValidator, <YourNameSpace>"
              />
           </serviceCredentials>
       </behavior>
   </serviceBehaviors>
</behaviors>
<bindings>
  <wsHttpBinding>
    <binding name="wsHttpBindingConfig">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  <wsHttpBinding>
</bindings>

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文