wcf中的自定义用户名验证

Question

I have a wcf service and client,and would like to provide additional protection with checking of username and password. 我有wcf服务和客户端，并希望通过检查用户名和密码来提供额外的保护。 I have following validatir class 我有以下validatir课程

public class UserCredentialsValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if (!string.Equals(userName, Config.Login, StringComparison.InvariantCultureIgnoreCase)
                && !String.Equals(password, Config.Password))
            {
                throw new FaultException("Invalid user credentials. Access denied.");
            }
        }
    }

and following server configuration 和以下服务器配置

<behaviors>
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceDebug includeExceptionDetailInFaults="true"/>   <serviceCredentials>
                    <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="FileStorage.Core.ServiceModel.UserCredentialsValidator, FileStorage.Core"/>
                </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="FileStorage.Core.ServiceModel.FileStorageService" behaviorConfiguration="serviceBehavior">
        <endpoint address="" contract="FileStorage.IFileStorage" binding="wsHttpBinding" bindingConfiguration="bindingConfig"/>
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="bindingConfig" maxBufferPoolSize="104857600" maxReceivedMessageSize="104857600" openTimeout="00:10:00" 
                 closeTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
          <readerQuotas maxDepth="32" maxStringContentLength="104857600" maxArrayLength="104857600"
                        maxBytesPerRead="104857600" maxNameTableCharCount="1024"/> <security mode="Message">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

Problem is that CustomValidatir never execute Validate method, eg validation logic doesn't execute 问题是CustomValidatir从不执行Validate方法，例如，验证逻辑不执行

What can cause this? 是什么原因造成的？ Thanks in advance 提前致谢

Answer 1

Try changing your 'security' section to read this... 尝试更改“安全性”部分以阅读此内容...

<security mode="TransportWithMessageCredential">
    <transport clientCredentialType="Basic" proxyCredentialType="Basic" />
    <message clientCredentialType="UserName"/>
</security>

Answer 2

The security mode="TransportWithMessageCredential" is ok. 安全模式=“ TransportWithMessageCredential”可以。 Not sure why we need transport clientCredentialType="Basic" proxyCredentialType="Basic"... 不知道为什么我们需要传输clientCredentialType =“ Basic” proxyCredentialType =“ Basic” ...

I am using transport clientCredentialType="Certificate" protectionLevel="EncryptAndSign" in my windows service hosted WCF..working fine..It seems the trick actually lies in choosing the correct security mode. 我在托管WCF的Windows服务中使用传输clientCredentialType =“ Certificate” protectionLevel =“ EncryptAndSign”。工作正常。看来，诀窍实际上在于选择正确的安全模式。

wcf中的自定义用户名验证

问题描述

2 个解决方案

解决方案1
0 2011-08-20 18:11:00

解决方案2
0 2012-01-19 06:19:25

wcf中的自定义用户名验证

问题描述

2 个解决方案

解决方案1 0 2011-08-20 18:11:00

解决方案2 0 2012-01-19 06:19:25

解决方案1
0 2011-08-20 18:11:00

解决方案2
0 2012-01-19 06:19:25