0

几天来,我一直在尝试让自定义UserNamePasswordValidator与我的netHttpsBinding 一起用于 .Net 4.5 WCF Web 服务。我的问题是验证器永远不会被调用或强制执行,因此任何凭据(或没有凭据)都可以访问。

我很确定配置是正确的,因为我可以为 wsHttpBinding 使用几乎相同的配置并且它可以工作。这是web.config ...

<services>
  <service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
    <endpoint address="" binding="wsHttpBinding" contract="MyNamespace.IMyService" />
    <!-- This one doesn't authenticate 
    <endpoint address="" binding="netHttpsBinding" contract="MyNamespace.IMyService" />
    -->
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>
<bindings>
  <wsHttpBinding>
    <binding>
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName"/>
      </security>
    </binding>
  </wsHttpBinding>
  <netHttpsBinding>
    <binding>
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="UserName" />
      </security>
    </binding>
  </netHttpsBinding>
</bindings>
<behaviors>
  <serviceBehaviors>
    <behavior name="serviceBehavior">
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.MyValidator, MyAssembly"/>
      </serviceCredentials>
      <serviceMetadata httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>

如果这很重要,这里是验证器......

using System.IdentityModel.Selectors;
using System.ServiceModel;
namespace MyNamespace
{
    public class MyValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if (null == userName || null == password)
                throw new FaultException("Username or Password were not set.");
            if (!(userName == "MyUser" && password == "MyPassword"))
                throw new FaultException("Unknown Username or Incorrect Password");
        }
    }
}

有谁知道为什么 UserNamePasswordValidator 不能与 netHttpsBinding 一起使用?或者我做错了什么?

4

2 回答 2

0

这并没有直接回答这个问题,但我最终放弃了 netHttpsBinding 以使用二进制编码进行自定义绑定。据我所知,它完成了同样的事情。我的配置的简化示例...

<services>
  <service name="MyNamespace.MyService" behaviorConfiguration="serviceBehavior">
    <endpoint address="" binding="customBinding" bindingConfiguration="CustomBinding" contract="MyNamespace.IMyService" />
    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" />
  </service>
</services>
<bindings>
  <customBinding>
    <binding name="CustomBinding">
      <security authenticationMode="UserNameOverTransport"></security>
      <binaryMessageEncoding />
      <httpsTransport />
    </binding>
  </customBinding>
</bindings>
<behaviors>
  <serviceBehaviors>
    <behavior name="serviceBehavior">
      <serviceCredentials>
        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="MyNamespace.MyValidator, MyAssembly"/>
      </serviceCredentials>
      <serviceMetadata httpsGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
    </behavior>
  </serviceBehaviors>
</behaviors>
于 2013-03-22T16:12:54.930 回答
0

尝试使用 NetHttpBinding 而不是 NetHttpsBinding。如果您保留 TransportWithMessageCredential,您仍然可以获得所有正确的安全模式设置。我试过这个并且它有效。但是,是的,如果我使用 NetHttpsBinding,我可以重现这种行为。

于 2012-12-07T22:48:11.873 回答