[英]WCF duplex service is ignoring custom username authentication
我有一個使用NetHttpsBinding的自托管WCF雙工服務。 它設置為通過UserNamePasswordValidator使用自定義用戶名/密碼身份驗證進行客戶端身份驗證,並使用證書進行服務授權。 Connection工作正常,但從不調用UserNamePasswordValidator,因此我可以使用任何用戶名和密碼組合進行連接。 所以我的問題是為什么它忽略了我的UserNameValidator?
這是該服務的完整配置文件:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
</configSections>
<system.serviceModel>
<services>
<service name="SchoolTestMaker.Service.SchoolTestMakerService">
<endpoint address="" binding="netHttpsBinding" bindingConfiguration="netHttpsEndpointBinding" contract="SchoolTestMaker.Service.ISchoolTestMakerService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
<serviceDebug includeExceptionDetailInFaults="True" />
<!--<serviceAuthorization principalPermissionMode="Custom" />-->
<serviceCredentials>
<serviceCertificate findValue="**classified(FBI)**"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<netHttpsBinding>
<binding name="netHttpsEndpointBinding">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</netHttpsBinding>
</bindings>
</system.serviceModel>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
<providers>
<provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer" />
</providers>
</entityFramework>
</configuration>
UserNamePasswordValidator:
public class SchoolTestMakerServiceUserNamePasswordValidator:UserNamePasswordValidator
{
IUnitOfWork unitOfWork;
IHashGenerator hashGenerator;
public SchoolTestMakerServiceUserNamePasswordValidator(IUnitOfWork unitOfWork,IHashGenerator hashGenerator)
{
this.unitOfWork = unitOfWork;
this.hashGenerator = hashGenerator;
}
public override void Validate(string userName, string password)
{
throw new Exception();
/*if(userName==null||password==null)
{
throw new ArgumentNullException();
}
string passwordHash = hashGenerator.GenerateHash(password);
UserAccount userAccount = unitOfWork.Repository<UserAccount>().Get(x => x.UserName == userName && x.PasswordHash == passwordHash);
if(userAccount==null)
{
throw new SecurityTokenException("Unknown Username or Incorrect Password");
}*/
}
}
StartService方法:
public void StartService()
{
serviceHost = new UnityServiceHost(container,
typeof(SchoolTestMakerService), new Uri(endpointAddress));
//Console.WriteLine(((WSDualHttpBinding)serviceHost.Description.Endpoints[0].Binding).Security.Message.ClientCredentialType);
serviceHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
serviceHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = userNamePasswordValidator;
/*var externalAuthorizationPolicies = new ReadOnlyCollection<IAuthorizationPolicy>(new IAuthorizationPolicy[] { authorizationPolicy });
ServiceAuthorizationBehavior authorizationBehavior=serviceHost.Description.Behaviors.Find<ServiceAuthorizationBehavior>();
authorizationBehavior.ExternalAuthorizationPolicies = externalAuthorizationPolicies;*/
serviceHost.Open();
ServiceRunning = true;
}
如果要使用自定義UserNamePassword驗證,則必須告訴WCF哪個類將處理驗證:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="CustomUsernamePasswordAuth.Service.UserNamePassValidator, CustomUsernamePasswordAuth.Service" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.