C# netHttpsBinding与自定义用户名密码验证程序
几天来,我一直在尝试为.NET4.5WCFWeb服务定制一个与my一起工作的服务。我的问题是,验证器从未被调用或强制,因此任何凭据(或没有凭据)都允许访问 我非常确定这个配置是正确的,因为我可以为wsHttpBinding使用几乎相同的配置,并且它可以工作。这是web.configC# netHttpsBinding与自定义用户名密码验证程序,c#,wcf,.net-4.5,C#,Wcf,.net 4.5,几天来,我一直在尝试为.NET4.5WCFWeb服务定制一个与my一起工作的服务。我的问题是,验证器从未被调用或强制,因此任何凭据(或没有凭据)都允许访问 我非常确定这个配置是正确的,因为我可以为wsHttpBinding使用几乎相同的配置,并且它可以工作。这是web.config <services> <service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
<endpoint address="" binding="wsHttpBinding" contract="MyNamespace.IMyService" />
<!-- This one doesn't authenticate
<endpoint address="" binding="netHttpsBinding" contract="MyNamespace.IMyService" />
-->
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<wsHttpBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
<netHttpsBinding>
<binding>
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</netHttpsBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.MyValidator, MyAssembly"/>
</serviceCredentials>
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
<endpoint address="" binding="customBinding" bindingConfiguration="CustomBinding" contract="MyNamespace.IMyService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<customBinding>
<binding name="CustomBinding">
<security authenticationMode="UserNameOverTransport"></security>
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.MyValidator, MyAssembly"/>
</serviceCredentials>
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
有人知道为什么UserNamePasswordValidator不能与netHttpsBinding一起工作吗?或者我做错了什么?尝试使用NetHttpBinding而不是NetHttpBinding。如果保留TransportWithMessageCredential,您仍然可以获得所有正确的安全模式设置。我试过这个,效果很好。但是,如果我使用NetHttpsBinding,我可以复制这种行为 这并不能直接回答这个问题,但我最终放弃了netHttpsBinding,转而使用二进制编码进行自定义绑定。据我所知,它完成了同样的事情。我的配置的一个简化示例
<services>
<service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
<endpoint address="" binding="customBinding" bindingConfiguration="CustomBinding" contract="MyNamespace.IMyService" />
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
</service>
</services>
<bindings>
<customBinding>
<binding name="CustomBinding">
<security authenticationMode="UserNameOverTransport"></security>
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.MyValidator, MyAssembly"/>
</serviceCredentials>
<serviceMetadata httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>