1

Every example I see uses the default Membership Provider with the userNamePasswordValidationMode, but can I specify MembershipProvider for userNamePasswordValidationMode in the ServiceCredentials for a WCF REST Service if I have a Custom Membership Provider? Is the following route the best to take if this is possible:

  1. Create a custom membership provider that implements Membership Provider.

  2. Create a CustomUserNamePasswordValidator that implements UserNamePasswordValidator and override the Validate Method.

  3. In the Validate method, validate whether a user exists in the database.

Issues I am having are, if I have a login method in my service and it is called from an a web browser with the url http://test.com/service.svc/login, how can I get the username and password. Assume that it the username and password can be typed into a web page or it can come from a smart device application (android, iphone, etc)

4

1 回答 1

0

您应该能够: [HowToUseNonDefaultMembershipProvider][1] 在第 1 步中,页面有两个附加链接,第一个显示如何构建会员提供程序类,第二个显示必要的配置条目。虽然第二个链接讨论了指定默认提供程序,但您实际上可以在配置中指定任意数量的提供程序,其中一个恰好是默认提供程序:

<system.web>
    <membership defaultProvider="SqlProvider">
        <providers>
            <clear />
            <add name="SqlProvider"
  type="System.Web.Security.SqlMembershipProvider"
  connectionStringName="MySqlConnection"
  applicationName="MyApplication"
  enablePasswordRetrieval="false"
  enablePasswordReset="true"
  requiresQuestionAndAnswer="true"
  requiresUniqueEmail="true"
  passwordFormat="Hashed" />
            <add name="MyProvider"
                     type="MyCompany.MyNamespace.MyMembershipProvider" />
        </providers>
    </membership>
</system.web>

现在,在上面链接的示例代码中,您可以在 AuthenticationService_Authenticating 方法中有一行,如下所示:

e.Authenticated = Membership.Providers["MyProvider"].ValidateUser(e.UserName, e.Password);

在您的自定义提供程序类中,您将实现 ValidateUser 方法。这可能包含验证用户名和密码(传递给方法)所需的任何逻辑。

[1]: http://How to: Use Non-default Membership Provider for WCF Authentication Service

于 2010-10-06T00:25:40.573 回答