[英]WCF Custom Authentication with dynamic user name and password
I implemented a WCF service using custom authentication, it works fine when i pass a constant string of username and password into UsernameAuthentication class, Validate method and validate it there. 我使用自定义身份验证实现了WCF服务,当我将恒定的用户名和密码字符串传递到UsernameAuthentication类,Validate方法并在那里进行验证时,它可以正常工作。 But is there a way i can pass Dynamic Username, password and validate them.
但是有没有办法我可以传递动态用户名,密码并验证它们。 How can i implement this and access those values in this class.
我如何实现它并访问此类中的那些值。
class UsernameAuthentication : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
var ok = (userName == "DynamicUserName") && (password == "DynamicPassWord");
if (ok == false)
throw new AuthenticationException("u/p does not match");
}
}
Inside the Validate
method you will have to query your own user database and check if the username and password are valid. 在
Validate
方法中,您将必须查询自己的用户数据库,并检查用户名和密码是否有效。 Usually you will use an RDBMS or an XML file where all user-data are stored. 通常,您将使用RDBMS或XML文件来存储所有用户数据。
Have a look at ASP.NET's Membership for an example of a database schema that supports role-based security. 请查看ASP.NET的Membership ,以获取支持基于角色的安全性的数据库架构示例。 Even better, you could integrate ASP.NET's Membership with WCF.
更好的是,您可以将ASP.NET的Membership与WCF集成在一起。 Hva a look at the "Control Access to and Usage of Public Web-Hosted Services" of this article .
HVA看看这个的“公共Web托管服务的控制访问和使用” 的文章 。 You could also read the chapter on security in Essential WCF by Resnick, Crane and Bowen where they describe many ways to support authentication/authorization in WCF services.
您还可以阅读Resnick,Crane和Bowen撰写的有关Essential WCF中安全性的章节,其中描述了支持WCF服务中身份验证/授权的多种方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.