具有动态用户名和密码的WCF自定义身份验证
[英]WCF Custom Authentication with dynamic user name and password
问题描述
I implemented a WCF service using custom authentication, it works fine when i pass a constant string of username and password into UsernameAuthentication class, Validate method and validate it there. 
我使用自定义身份验证实现了WCF服务,当我将恒定的用户名和密码字符串传递到UsernameAuthentication类,Validate方法并在那里进行验证时,它可以正常工作。 But is there a way i can pass Dynamic Username, password and validate them. 但是有没有办法我可以传递动态用户名,密码并验证它们。 How can i implement this and access those values in this class. 我如何实现它并访问此类中的那些值。
class UsernameAuthentication : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
var ok = (userName == "DynamicUserName") && (password == "DynamicPassWord");
if (ok == false)
throw new AuthenticationException("u/p does not match");
}
}
1 个解决方案
解决方案1
0 2012-11-26 16:10:38
Inside the Validate method you will have to query your own user database and check if the username and password are valid. 在Validate方法中,您将必须查询自己的用户数据库,并检查用户名和密码是否有效。 Usually you will use an RDBMS or an XML file where all user-data are stored. 通常,您将使用RDBMS或XML文件来存储所有用户数据。
Have a look at ASP.NET's Membership for an example of a database schema that supports role-based security. 请查看ASP.NET的Membership ,以获取支持基于角色的安全性的数据库架构示例。 Even better, you could integrate ASP.NET's Membership with WCF. 更好的是,您可以将ASP.NET的Membership与WCF集成在一起。 Hva a look at the "Control Access to and Usage of Public Web-Hosted Services" of this article . HVA看看这个的“公共Web托管服务的控制访问和使用” 的文章 。 You could also read the chapter on security in Essential WCF by Resnick, Crane and Bowen where they describe many ways to support authentication/authorization in WCF services. 您还可以阅读Resnick,Crane和Bowen撰写的有关Essential WCF中安全性的章节,其中描述了支持WCF服务中身份验证/授权的多种方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.