[英]custom username validation in wcf
我有wcf服务和客户端,并希望通过检查用户名和密码来提供额外的保护。 我有以下validatir课程
public class UserCredentialsValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (!string.Equals(userName, Config.Login, StringComparison.InvariantCultureIgnoreCase)
&& !String.Equals(password, Config.Password))
{
throw new FaultException("Invalid user credentials. Access denied.");
}
}
}
和以下服务器配置
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceDebug includeExceptionDetailInFaults="true"/> <serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="FileStorage.Core.ServiceModel.UserCredentialsValidator, FileStorage.Core"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="FileStorage.Core.ServiceModel.FileStorageService" behaviorConfiguration="serviceBehavior">
<endpoint address="" contract="FileStorage.IFileStorage" binding="wsHttpBinding" bindingConfiguration="bindingConfig"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="bindingConfig" maxBufferPoolSize="104857600" maxReceivedMessageSize="104857600" openTimeout="00:10:00"
closeTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
<readerQuotas maxDepth="32" maxStringContentLength="104857600" maxArrayLength="104857600"
maxBytesPerRead="104857600" maxNameTableCharCount="1024"/> <security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
问题是CustomValidatir从不执行Validate方法,例如,验证逻辑不执行
是什么原因造成的? 提前致谢
尝试更改“安全性”部分以阅读此内容...
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" proxyCredentialType="Basic" />
<message clientCredentialType="UserName"/>
</security>
安全模式=“ TransportWithMessageCredential”可以。 不知道为什么我们需要传输clientCredentialType =“ Basic” proxyCredentialType =“ Basic” ...
我在托管WCF的Windows服务中使用传输clientCredentialType =“ Certificate” protectionLevel =“ EncryptAndSign”。工作正常。看来,诀窍实际上在于选择正确的安全模式。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.