【问题标题】:custom username validation in wcfwcf中的自定义用户名验证
【发布时间】:2010-12-21 14:04:12
【问题描述】:

我有一个 wcf 服务和客户端,并希望通过检查用户名和密码来提供额外的保护。我有以下验证课程

public class UserCredentialsValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if (!string.Equals(userName, Config.Login, StringComparison.InvariantCultureIgnoreCase)
                && !String.Equals(password, Config.Password))
            {
                throw new FaultException("Invalid user credentials. Access denied.");
            }
        }
    }

以及以下服务器配置

<behaviors>
      <serviceBehaviors>
        <behavior name="serviceBehavior">
          <serviceDebug includeExceptionDetailInFaults="true"/>   <serviceCredentials>
                    <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="FileStorage.Core.ServiceModel.UserCredentialsValidator, FileStorage.Core"/>
                </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="FileStorage.Core.ServiceModel.FileStorageService" behaviorConfiguration="serviceBehavior">
        <endpoint address="" contract="FileStorage.IFileStorage" binding="wsHttpBinding" bindingConfiguration="bindingConfig"/>
      </service>
    </services>
    <bindings>
      <wsHttpBinding>
        <binding name="bindingConfig" maxBufferPoolSize="104857600" maxReceivedMessageSize="104857600" openTimeout="00:10:00" 
                 closeTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
          <readerQuotas maxDepth="32" maxStringContentLength="104857600" maxArrayLength="104857600"
                        maxBytesPerRead="104857600" maxNameTableCharCount="1024"/> <security mode="Message">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>

问题是 CustomValidatir 从不执行 Validate 方法,例如验证逻辑不执行

是什么原因造成的?提前致谢

【问题讨论】:

    标签: c# .net wcf wcf-security


    【解决方案1】:

    尝试更改您的“安全”部分以阅读此内容...

    <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="Basic" proxyCredentialType="Basic" />
        <message clientCredentialType="UserName"/>
    </security>
    

    【讨论】:

      【解决方案2】:

      安全模式="TransportWithMessageCredential" 没问题。不知道为什么我们需要传输 clientCredentialType="Basic" proxyCredentialType="Basic"...

      我在托管 WCF 的 Windows 服务中使用传输 clientCredentialType="Certificate" protectionLevel="EncryptAndSign" 。工作正常。看来诀窍实际上在于选择正确的安全模式。

      【讨论】:

        猜你喜欢
        • 1970-01-01
        • 2011-09-28
        • 1970-01-01
        • 1970-01-01
        • 2021-06-30
        • 1970-01-01
        • 2011-10-23
        • 1970-01-01
        • 2020-10-16
        相关资源
        最近更新 更多