C# wcf中的自定义用户名验证
我有一个wcf服务和客户端,希望通过检查用户名和密码提供额外的保护。我有以下几节课C# wcf中的自定义用户名验证,c#,.net,wcf,wcf-security,C#,.net,Wcf,Wcf Security,我有一个wcf服务和客户端,希望通过检查用户名和密码提供额外的保护。我有以下几节课 public class UserCredentialsValidator : UserNamePasswordValidator { public override void Validate(string userName, string password) { if (!string.Equals(userName, Config.Login,
public class UserCredentialsValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (!string.Equals(userName, Config.Login, StringComparison.InvariantCultureIgnoreCase)
&& !String.Equals(password, Config.Password))
{
throw new FaultException("Invalid user credentials. Access denied.");
}
}
}
以及以下服务器配置
<behaviors>
<serviceBehaviors>
<behavior name="serviceBehavior">
<serviceDebug includeExceptionDetailInFaults="true"/> <serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="FileStorage.Core.ServiceModel.UserCredentialsValidator, FileStorage.Core"/>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="FileStorage.Core.ServiceModel.FileStorageService" behaviorConfiguration="serviceBehavior">
<endpoint address="" contract="FileStorage.IFileStorage" binding="wsHttpBinding" bindingConfiguration="bindingConfig"/>
</service>
</services>
<bindings>
<wsHttpBinding>
<binding name="bindingConfig" maxBufferPoolSize="104857600" maxReceivedMessageSize="104857600" openTimeout="00:10:00"
closeTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00">
<readerQuotas maxDepth="32" maxStringContentLength="104857600" maxArrayLength="104857600"
maxBytesPerRead="104857600" maxNameTableCharCount="1024"/> <security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
问题是CustomValidatir从不执行Validate方法,例如,验证逻辑不执行
这是什么原因造成的?提前感谢尝试更改您的“安全”部分以阅读此
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" proxyCredentialType="Basic" />
<message clientCredentialType="UserName"/>
</security>
安全模式=“TransportWithMessageCredential”正常。不确定我们为什么需要transport clientCredentialType=“Basic”proxyCredentialType=“Basic”
我正在windows服务托管的WCF中使用transport clientCredentialType=“Certificate”protectionLevel=“EncryptAndSign”。工作正常。看来关键在于选择正确的安全模式