WCF WebHttpBinding 与会员提供商身份验证
我有一个使用基本 HTTP 身份验证模式的 WebHttpBinding 服务,但是由于某些奇怪的原因,它会根据 Windows 帐户验证提供的用户名/密码,以为我指定了 userNamePasswordValidationMode="MembershipProvider"。
我发现其他帖子也报告了这个问题,但没有给出针对这种情况的答案。
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="WebBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="EPWeb">
<webHttp helpEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Foo">
<endpoint address="Test" behaviorConfiguration="EPWeb"
binding="webHttpBinding" bindingConfiguration="WebBinding"
contract="Foo.IService" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:3456/" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
I have a WebHttpBinding service which uses basic HTTP authentication mode, however for some strange reason it validates provided username/password against windows accounts, thought i specified userNamePasswordValidationMode="MembershipProvider".
I found other posts that report this problem too, but no answer to this situation have been given.
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="WebBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="EPWeb">
<webHttp helpEnabled="true" />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="SqlProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="ServiceBehavior" name="Foo">
<endpoint address="Test" behaviorConfiguration="EPWeb"
binding="webHttpBinding" bindingConfiguration="WebBinding"
contract="Foo.IService" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:3456/" />
</baseAddresses>
</host>
</service>
</services>
</system.serviceModel>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
此配置将不起作用。但这个问题有一些解决方法:
This configuration will not work. But there are workarounds to this issue:
令牌传递登录或自定义 http 身份验证模块。
这是自定义身份验证模块的链接。 http://custombasicauth.codeplex.com/
对于基于令牌,您可以使用 OAuth 实现。
Token passed login or a custom http authentication module.
Here is a link to a custom authentication module. http://custombasicauth.codeplex.com/
For token based, you could use an OAuth implementation.