SSL 网络服务中的自定义用户名/密码
本文关键字:密码 用户 自定义 网络服务 SSL | 更新日期: 2023-09-27 18:36:51
我有一个使用传输安全模式运行的基本httpbinding WCF服务。这工作正常,但是我想对请求此服务的用户进行身份验证,因此尝试使用TransportWithMessagCredential和消息客户端凭据类型的安全模式,并添加了一个服务行为来调用自定义密码验证器。我的问题是当我尝试使用Visual Studio调用引用时,我收到一条错误消息,指出找不到该服务。请在下面找到我的代码,并建议我可能需要进行的任何更改才能使其正常工作,并在尝试添加服务时提示我用户名/密码。
网络.config
<?xml version="1.0"?>
<configuration>
<system.diagnostics>
<sources>
<source name="System.ServiceModel" switchValue="Information, ActivityTracing"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add initializeData="WcfTraces.svclog" type="System.Diagnostics.XmlWriterTraceListener"
name="traceListener">
<filter type="" />
</add>
</listeners>
</source>
<source name="System.ServiceModel.MessageLogging" switchValue="Warning, ActivityTracing">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelMessageLoggingListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="c:'users'**'web_messages.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=***"
name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
</system.diagnostics>
<system.serviceModel>
<diagnostics>
<messageLogging logEntireMessage="true" logMalformedMessages="true"
logMessagesAtServiceLevel="false" logMessagesAtTransportLevel="true" />
</diagnostics>
<bindings>
<basicHttpBinding>
<binding name="basicBindingConfig">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="ServiceBehavior" name="nameSpaceX.Service">
<endpoint address="https://************:443/***.svc/"
binding="basicHttpBinding" bindingConfiguration="basicBindingConfig"
contract="nameSpaceY.IService">
<identity>
<certificateReference x509FindType="FindByThumbprint" findValue="****************" />
</identity>
</endpoint>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"
httpsGetUrl="https://*****:443/***.svc" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="namespaceX.UserNameValidator, namespaceX" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
用户名验证器.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
namespace namespaceX
{
class UserNameValidator: UserNamePasswordValidator
{
public override void Validate(string username, string password)
{
if(username == "test" && password == "1234")
return;
throw new SecurityTokenException("Incorrect username or Password");
}
}
}
这里不需要 *.svc 的路径。通常httpsGetUrl属性被跳过或存储...?WSDL
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"
httpsGetUrl="https://*****:443/***.svc" />
这是通过假设此处的 URL 与服务终结点中的 URL 相同的来告知的。Ti 应该是不同的 URL,因为一个是实现,第二个是元数据。