WCF 中未调用自定义用户/密码验证
[英]Custom user / password validation not called in WCF
问题描述
I'm working on a WCF webservice.
我正在开发 WCF 网络服务。 I add a custom user / password validation, but my method is not called.我添加了自定义用户/密码验证,但没有调用我的方法。
I created a new class in App_Code:我在 App_Code 中创建了一个新的 class:
public class Connexion : System.IdentityModel.Selectors.UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
string Result = CsGeneral.Instance.RequeteScalar<string>(string.Format("select IdUser from usr.User where IdUser = '{0}' and Password = '{1}'", userName.Replace("'", "''"), CsGeneral.Instance.Crypt(password)));
if (string.IsNullOrWhiteSpace(Result)) throw new FaultException("Login et/ou mot de passe invalide");
}
}
And I changed my web.config to call this method:我改变了我的 web.config 来调用这个方法:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="SSL_WcfBijoux" bypassProxyOnLocal="true" maxBufferPoolSize="524288000"
maxReceivedMessageSize="655360000">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="BhvBijoux" name="Bijoux">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="SSL_WcfBijoux" contract="IBijoux" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
<behavior name="BhvBijoux">
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WsLogebi.Connexion, App_Code" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel> </system.serviceModel>
I add a break point in the Validate method, but I can call my webservice method over my https URL without passing this method...我在 Validate 方法中添加了一个断点,但我可以通过我的 https URL 调用我的 webservice 方法而不通过此方法...
What am I doing wrong?我究竟做错了什么?
Thank you in advance !!!!先感谢您 !!!!
2 个解决方案
解决方案1
0 2020-06-29 03:12:39
First of all, you have to check what binding is used by the client.首先,您必须检查客户端使用的绑定。 In your configuration file, I see two bindings, one is wsHttpBinding and the other is basicHttpsBinding.在您的配置文件中,我看到两个绑定,一个是 wsHttpBinding,另一个是 basicHttpsBinding。 If the client uses basicHttpsBinding, custom authentication is useless.如果客户端使用basicHttpsBinding,自定义认证是没用的。 I suggest that you can delete protocolMapping before testing.我建议你可以在测试前删除protocolMapping。 Here is my demo:这是我的演示:
<system.serviceModel>
<services>
<service name="Microsoft.Samples.UserNamePasswordValidator.CalculatorService" behaviorConfiguration="CalculatorServiceBehavior">
<host>
<baseAddresses>
<!-- configure base address for host -->
<add baseAddress="http://localhost:8001/servicemodelsamples/service"/>
</baseAddresses>
</host>
<!-- use base address provided by host, provide one endpoint -->
<endpoint address="username" binding="wsHttpBinding" bindingConfiguration="Binding1" contract="Microsoft.Samples.UserNamePasswordValidator.ICalculator"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<!-- Username binding -->
<binding name="Binding1">
<security mode="Message">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="CalculatorServiceBehavior" includeExceptionDetailInFaults="True">
<serviceCredentials>
<!--
The serviceCredentials behavior allows one to specify a custom validator for username/password combinations.
-->
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Microsoft.Samples.UserNamePasswordValidator.CalculatorService+CustomUserNameValidator, service"/>
<serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
This is the configuration file, you can also try to set the value of mode to message.这是配置文件,你也可以尝试将mode的值设置为message。
public class CustomUserNameValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException();
}
if (!(userName == "test1" && password == "1tset") && !(userName == "test2" && password == "2tset"))
{
throw new FaultException("Unknown Username or Incorrect Password");
}
}
}
This is a custom verification class.这是一个自定义验证 class。
解决方案2
0 2020-06-29 18:54:15
Thank you for your answer.谢谢您的回答。
Finnaly, I find it !最后,我找到了!
It was in my service declaration, I had to use:在我的服务声明中,我必须使用:
<service name="WsLogebi.Bijoux" behaviorConfiguration="TreizOr_Behavior">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration="secureHttpBinding"
contract="WsLogebi.IBijoux"/>
</service>
And the customnamevalidator was incorrect.并且 customnamevalidator 不正确。 I had to write the complete class name with namespace, and the folder and the file where it was.我必须写完整的 class 名称和命名空间,以及它所在的文件夹和文件。
customUserNamePasswordValidatorType="WsLogebi.App_Code.Authentification.Connexion, App_Code/Connexion"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.