I have read some questions here in SO and some linked tutorial.
I have done all the stuff, but I have a problem... the authentication doesn't work.. it gives an exception only if I send a random username, without regarding about the password.
I think, maybe, because the validator I have written it's never called ( I have breakpointed it)... but why?
This is my app.confing of the wcf:
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
<add key="userName" value="piero"/>
<add key="password" value="piero"/>
</appSettings>
<system.web>
<compilation debug="true" />
</system.web>
<!-- Quando si distribuisce il progetto della libreria di servizi, è necessario aggiungere il contenuto del file di configurazione al file
app.config dell'host. System.Configuration non supporta i file di configurazione delle librerie. -->
<system.serviceModel>
<!--<standardEndpoints/>-->
<bindings>
<basicHttpBinding>
<binding name="usernameHttps">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="calc.CalcService" behaviorConfiguration="customBehavior">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration=""
name="base" contract="calc.ICalcService" >
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" name="mex" contract="IMetadataExchange" />
<endpoint address="web" behaviorConfiguration="webHttp" binding="webHttpBinding"
bindingConfiguration="" name="web" contract="calc.ICalcService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="http://localhost:8733/Design_Time_Addresses/calc/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="webHttp">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior >
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="False" />
</behavior>
<behavior name="customBehavior">
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True"/>
<serviceDebug includeExceptionDetailInFaults="True" />
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="calc.CustomPass, calc"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="webHttpBinding" scheme="http" />
</protocolMapping>
</system.serviceModel>
and this is the config of the calling wpf app:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
</startup>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<!--<binding name="base" />-->
<binding name="base">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://localhost:8733/Design_Time_Addresses/calc/"
binding="basicHttpBinding" bindingConfiguration="base" contract="calcTest.ICalcService"
name="base" />
</client>
</system.serviceModel>
<appSettings>
<add key="userName" value="aaa"/>
<add key="password" value="bbb"/>
</appSettings>
</configuration>
and this is the validator of the wcf:
public class CustomPass : UserNamePasswordValidator //System.IdentityModel.dll
{
private const string USERNAME_ELEMENT_NAME = "userName";
private const string PASSWORD_ELEMENT_NAME = "password";
private const string FAULT_EXCEPTION_MESSAGE = "UserName or Password is incorrect!";
public override void Validate(string userName, string password)
{
//Guarder.Guard.ArgumentNotNull(userName).ArgumentNotNull(password);
var validateUserName = ConfigurationManager.AppSettings[USERNAME_ELEMENT_NAME];
var validatePassword = ConfigurationManager.AppSettings[PASSWORD_ELEMENT_NAME];
var validateCondition = userName.Equals(validateUserName) && password.Equals(validatePassword);
if (!validateCondition)
{
throw new FaultException(FAULT_EXCEPTION_MESSAGE);
}
}
}
So:
the wpf app calls it (basicHttpBinding) and uses it but:
if there is no username, it gets error from wcf (this is ok, I think)
the wcf service accepts ALL username, not only the one I have set in the validator
to be read in some way but the wcf
How can I use my validator? Why it doesn't start?
I call the wcf in this way (any errors here?):
private void Add(object sender, RoutedEventArgs e)
{
var n1 = this.opOne.Text.ToString();
var n2 = this.opTwo.Text.ToString();
var calc = new calcTest.CalcServiceClient();
calc.ClientCredentials.UserName.UserName = "piero";
calc.ClientCredentials.UserName.Password = "piero";
this.res.Text = calc.Add(n1, n2);
}
can you just debug the "Service.Open()" - Method?
There you will see if your CustomBehavior is added to the Behavios of the service. You have to invoke the Behavior-Methods, and call the CustomPasswordValidator.
So you need to write a CustomBehavior wich extends the ServiceBehavior, and then invoke one of the four Methods (Valdate, AddBindingParameters, etc...) You need to find out, where the PasswordValidator is called.
I think it is in the SecurityBindingElement of the BindingElementCollection of your binding of the service (wow what a sentence). Next you must add the CustomBehavior (app.config or dirctly in the code). Maby you need to cast your binding to a CustomBinding to be able to change the elements of the SecurityBindingelement.
I hope this will help you to solve your problem with the CustomPasswordValidator.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.