使用basicHttpBinding和自定义UserNamePasswordValidator的WCF身份验证?
[英]WCF Authentication using basicHttpBinding and custom UserNamePasswordValidator?
问题描述
Here i am implementing custom usernamepasswordvalidator in WCF RESTfull service.What i need is while invoking this one http://localhost:12229/RestServiceImpl.svc/GetStudentObj through Chrome REST Client it is not validating the username password..it directly invoke this method and fetching the result.What am i doing wrong here?? 
在这里,我正在WCF RESTfull服务中实现自定义usernamepasswordvalidator。我需要的是通过Chrome REST Client调用此http://localhost:12229/RestServiceImpl.svc/GetStudentObj ,它没有验证用户名密码。并获取结果。我在这里做错了什么?
My interface 我的介面
[ServiceContract]
public interface IRestServiceImpl
{
[OperationContract]
[WebInvoke(Method = "GET", UriTemplate = "/GetStudentObj", RequestFormat = WebMessageFormat.Json,
ResponseFormat = WebMessageFormat.Json)]
Student GetStudent();
}
SVC SVC
public class RestServiceImpl : IRestServiceImpl
{
public Student GetStudent()
{
Student stdObj = new Student
{
StudentName = "Foo",
Age = 29,
Mark = 95
};
return stdObj;
}
public class CustomUserNameValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException("You must provide both the username and password to access this service");
}
if (!(userName == "user1" && password == "test") && !(userName == "user2" && password == "test"))
{
throw new SecurityTokenException("Unknown Username or Incorrect Password");
}
}
}
}
and Web.Config 和Web.Config
<system.serviceModel>
<bindings>
<webHttpBinding>
<binding name="webHttpTransportSecurity">
<security mode="Transport">
<transport clientCredentialType="Basic"></transport>
</security>
</binding>
</webHttpBinding>
</bindings>
<protocolMapping>
<add scheme="http" binding="webHttpBinding"/>
</protocolMapping>
<services>
<service name="RestService.RestServiceImpl" >
<endpoint address="" binding="webHttpBinding" contract="RestService.IRestServiceImpl"></endpoint>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior>
<webHttp />
</behavior >
</endpointBehaviors>
<serviceBehaviors>
<behavior name="SecureRESTSvcTestBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="RESTfulSecuritySH.CustomUserNameValidator, RESTfulSecuritySH" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
Any suggestion?? 有什么建议吗?
1 个解决方案
解决方案1
0 2013-01-31 21:37:02
It seems that you didn't set the custom behavior for your service. 似乎您没有为服务设置自定义行为。
You need to tell the service about your SecureRESTSvcTestBehavior behavior by using the behaviorConfiguration attribute: 您需要使用behaviorConfiguration属性将有关SecureRESTSvcTestBehavior行为的信息告知服务:
<service name="RestService.RestServiceImpl" behaviorConfiguration="SecureRESTSvcTestBehavior">
<endpoint address="" binding="webHttpBinding" contract="RestService.IRestServiceImpl"></endpoint>
</service>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.