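Based on the MSDN documentation, I created a custom UserNameSecurityTokenHandler and put in a CanValidateToken override and a ValidateToken override. I thought I had configured the WCF web service to use the custom handler, but ValidateToken never gets called. Here is the custom token handler: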

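using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Tokens;
using System.Security.Claims;
using System.Xml;

public class CustomUserNameSecurityTokenHandler : UserNameSecurityTokenHandler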
{
    public override bool CanValidateToken
    {
        get { return true; }
    }

    public override ReadOnlyCollection<ClaimsIdentity> ValidateToken(SecurityToken token)
    {
        System.Diagnostics.Debugger.Launch();

        if (token == null)
        {
            throw new ArgumentNullException();
        }
        var userNameToken = token as UserNameSecurityToken;
        if (userNameToken == null)
        {
            throw new SecurityTokenException("Invalid token");
        }

        if ( userNameToken.UserName != userNameToken.Password )
        {
            throw new SecurityTokenException("Invalid username or password.");
        }
        var claims = new List<Claim>
            {
                new Claim(System.IdentityModel.Claims.ClaimTypes.Name, userNameToken.UserName),
                new Claim(
                    "http://schemas.microsoft.com/ws/2008/06/identity/claims/ClaimTypes.AuthenticationInstant",
                    XmlConvert.ToString(DateTime.UtcNow, "yyyy-MM-ddTHH:mm:ss.fffZ"),
                    "http://www.w3.org/2001/XMLSchema#dateTime")
            };

        return new ReadOnlyCollection<ClaimsIdentity>(new List<ClaimsIdentity> {new ClaimsIdentity(claims, "Password")});
    }
}

The debugger does not launch. When I call it, the client code always fails. Here are the WCF web.config entries for the site:

 <configSections>
 <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<appSettings>
  <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
  <compilation debug="true" targetFramework="4.5" />
  <httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
  <services>
    <service name="WcfUserName.Service1">
      <endpoint address="Service1.svc" binding="netHttpBinding"
        contract="WcfUserName.IService1" />
      <host>
        <baseAddresses>
          <add baseAddress="https://localhost/WcfUserName" />
        </baseAddresses>
      </host>
    </service>
  </services>
  <bindings>
    <netHttpBinding>
      <binding>
        <security mode="TransportWithMessageCredential">
          <message clientCredentialType="UserName" />
        </security>
      </binding>
    </netHttpBinding>
  </bindings>
  <behaviors>
    <serviceBehaviors>
      <behavior>
        <serviceCredentials useIdentityConfiguration="true" />
        <serviceAuthorization principalPermissionMode="Always"/>
        <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
        <serviceDebug includeExceptionDetailInFaults="true"/>
      </behavior>
     </serviceBehaviors>
  </behaviors>
 <protocolMapping>
      <add binding="netHttpBinding" scheme="https" />
 </protocolMapping>    
 <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
 </system.serviceModel>
 <system.webServer>
 <modules runAllManagedModulesForAllRequests="true"/>
 <directoryBrowse enabled="true"/>
 </system.webServer>
<system.identityModel>
  <identityConfiguration name="identconfig">
    <securityTokenHandlers>
      <remove type="System.IdentityModel.Tokens.WindowsUserNameSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
      <add type="WcfUserName.Security.CustomUserNameSecurityTokenHandler, WcfUserName"/>
    </securityTokenHandlers>
  </identityConfiguration>
 </system.identityModel>

I think there is something wrong with my configuration, but I don't know what. Any ideas?

1 Answer

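AFAIK, you need to configure it correctly in web.config. That means you need to add your securitytokenhandler, but also remove the default username/password handler. So you need to either <remove> the previous handler, or start over and <clear> the securitytokenhandlers collection in the config file.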

Answered 2013-04-25T18:29:04.907
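
The `<clear>` variant mentioned in the answer, as an added example that is not part of the original question or answer; it reuses the section and type names from the question's web.config and shows only the relevant fragments. The `identityConfiguration="identconfig"` attribute on `<serviceCredentials>` is an addition made here on the assumption that the named section should be selected explicitly.

```xml
<configuration>
  <configSections>
    <section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
  </configSections>

  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- useIdentityConfiguration switches WCF to the system.identityModel
               handlers. Assumption added here: identityConfiguration names the
               <identityConfiguration> element to load, so the handler list
               below is the one the service actually uses. -->
          <serviceCredentials useIdentityConfiguration="true"
                              identityConfiguration="identconfig" />
          <serviceAuthorization principalPermissionMode="Always" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

  <system.identityModel>
    <identityConfiguration name="identconfig">
      <securityTokenHandlers>
        <!-- Start from an empty collection instead of removing one default
             handler by its full type name. After <clear />, only handlers
             added below validate tokens; any other token type the service
             must accept needs its handler re-added explicitly. -->
        <clear />
        <add type="WcfUserName.Security.CustomUserNameSecurityTokenHandler, WcfUserName" />
      </securityTokenHandlers>
    </identityConfiguration>
  </system.identityModel>
</configuration>
```

With `<clear />` there is exactly one handler that can claim a UserName token, which makes it easy to confirm from a breakpoint or trace whether the custom `ValidateToken` is the code path being exercised.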