3

我已经定义了一个自己的ServiceCredentials提供者:

class PasswordServiceCredentials : ServiceCredentials
{
}

当我启动ServiceHost时,该提供程序会在CreateSecurityTokenManager()方法中生成自定义SecurityTokenManager

public override SecurityTokenManager CreateSecurityTokenManager()
{
    if (this.UserNameAuthentication.UserNamePasswordValidationMode == UserNamePasswordValidationMode.Custom)
    {
        return new PasswordSecurityTokenManager(this);
    }

    return base.CreateSecurityTokenManager();
}

PasswordSecurityTokenManager类:

class PasswordSecurityTokenManager : ServiceCredentialsSecurityTokenManager
{
}

该实例在CreateSecurityTokenAuthenticator()方法中生成自定义SecurityTokenAuthenticator :

public override SecurityTokenAuthenticator CreateSecurityTokenAuthenticator(SecurityTokenRequirement tokenRequirement, out SecurityTokenResolver outOfBandTokenResolver)
{
    outOfBandTokenResolver = null;

    return new PasswordSecurityTokenAuthenticator(this.ServiceCredentials
                                                      .UserNameAuthentication
                                                      .CustomUserNamePasswordValidator);
}

生成的实例是自定义CustomUserNameSecurityTokenAuthenticator

问题是在任何时候都不会调用被覆盖的ValidateUserNamePasswordCore()方法:

protected override ReadOnlyCollection<IAuthorizationPolicy> ValidateUserNamePasswordCore(String userName, String password)
{
    ReadOnlyCollection<IAuthorizationPolicy> currentPolicies = base.ValidateUserNamePasswordCore(userName, password);

    List<IAuthorizationPolicy> newPolicies = new List<IAuthorizationPolicy>();
    if (currentPolicies != null)
    {
        newPolicies.AddRange(currentPolicies.OfType<IAuthorizationPolicy>());
    }

    newPolicies.Add(new PasswordAuthorizationPolicy(userName, password));

    return newPolicies.AsReadOnly();
}

在我的自定义IAuthorizationPolicy提供程序PasswordAuthorizationPolicy中,我想在Evaluate()方法中为EvaluationContext设置自定义主体。

但是如果不调用upper方法,就不能定义额外的IAuthorizationPolicy项。

这里有什么问题或遗漏?

我不使用 XML 来配置我的服务,我 100% 用 C# 代码来做这件事!

编辑:代码基于以下博客文章: http: //www.neovolve.com/post/2008/04/07/wcf-security-getting-the-password-of-the-user.aspx

4

1 回答 1

0

好的,我只是问,因为您在帖子中从未提及有关配置文件的任何内容,但是您是否在 serviceBehaviors 中设置了 serviceCredentials 类型?例子:

<behaviors>
   <serviceBehaviors>
     <behavior name="YourCustomBehavior">
       <serviceDebug includeExceptionDetailInFaults="true" />
       <serviceCredentials type="Your.Namespace.PasswordServiceCredentials, Your.Namespace">
         <serviceCertificate findValue="localhost" x509FindType="FindBySubjectName" />
         <userNameAuthentication userNamePasswordValidationMode="Custom" />
       </serviceCredentials>
       <serviceAuthorization principalPermissionMode="Custom" />
     </behavior>
   </serviceBehaviors>
 </behaviors>

如果是,您是否在服务节点上的 behaviorConfiguration 中引用“YourCustomBehavior”?例子:

<services>
   <service behaviorConfiguration="YourCustomBehavior"
    name="Your.Service.Namespace.YourService">
     <endpoint address="net.tcp://..."
      binding="netTcpBinding" bindingConfiguration="netTcpBindingConfig"
      contract="Your.Service.Interface.Namespace.IYourService" />
   </service>
 </services>

可能就这么明显。


(来源:avivacommunityfund.org

于 2012-09-25T19:55:28.677 回答