1.建立一个Web应用程序工程WebApp.
2.新建一个接口: IBussiness
3.添加System.ServiceModel引用
4. 对IBussiness实现契约
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
namespace WebApp
{
[ServiceContract]
public interface IBussiness
{
[OperationContract]
string Operate();
}
}
注:[ServiceContract]为服务契约标签, [OperationContract]为操作契约标签
5.创建一个类Bussiness,实现IBussiness接口
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace WebApp
{
public class Bussiness:IBussiness
{
#region IBussiness 成员
string IBussiness.Operate()
{
return "Called Success";
}
#endregion
}
}
6.创建一个WCF服务BussService ,解决方案中会自动产生三个文件BussService.svc,BussService.svc.cs,IBussService.cs
7.删除BussService.svc.cs,IBussService.cs两个文件,并修改WCF宿主文件BussService.svc为
<%@ ServiceHost Language="C#" Debug="true" Service="WebApp.Bussiness" %>
8.添加UserNameToken验证类,并重写Validate方法(本示例采用了直接判断简单的验证方式,可在此方法中设置复杂验证手段,如将用户名密码存入数据库等)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
namespace WebApp
{
public class MyUserNameTokenValidator : UserNamePasswordValidator
{
/// <summary>
/// Validates the user name and password combination.
/// </summary>
/// <param name="userName">The user name.</param>
/// <param name="password">The password.</param>
public override void Validate(string userName, string password)
{
// validate arguments
if (string.IsNullOrEmpty(userName))
throw new ArgumentNullException("userName");
// check if the user is not xiaozhuang
if (userName != "user" || password != "123456")
throw new SecurityTokenException("用户名或者密码错误!");
}
}
}
9.为BussService进行配置 打开Web.config,找到system.serviceModel配置单元
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="WebApp.BussServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="WebApp.BussServiceBehavior" name="WebApp.BussService">
<endpoint address="" binding="wsHttpBinding" contract="WebApp.IBussService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
</services>
</system.serviceModel>
10.修改配置并设置 安全协议绑定,修改后的配置文件如下:
<system.serviceModel>
<!--绑定采用的是安全机制UserToken机制的basicHttpBinding-->
<bindings>
<basicHttpBinding>
<!-- 一些基本配置如消息长度等 -->
<binding name="UserNameTokenSecurityBinding">
<!-- 指定消息安全机制,在传输过程中带Soap Message验证 -->
<security mode="TransportWithMessageCredential">
<!-- 我们需要的是UserNameToken验证,此验证基于消息,所以将此处配置为UserName -->
<message clientCredentialType="UserName"/>
<!-- 无需在传输过程中发送用户凭证,所以将此处设置为None -->
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="WebApp.BussServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<!-- 指定用户名密码验证类 -->
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WebApp.MyUserNameTokenValidator,WebApp" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="WebApp.BussServiceBehavior" name="WebApp.Bussiness">
<endpoint address="" binding="basicHttpBinding" bindingConfiguration="UserNameTokenSecurityBinding"
contract="WebApp.IBussiness" />
</service>
</services>
</system.serviceModel>
11.为IIS配置应用程序目录配置https协议(需要申请IIS证书并在配置https协议时使用该证书).