1. 首页
  2. 问答
  3. 如何评估WCF服务器上的自定义ClientCredentials?

如何评估WCF服务器上的自定义ClientCredentials?

2015-08-09 34 views
0

我遇到以下情况:如何评估WCF服务器上的自定义ClientCredentials?

Windows“胖客户端”应用程序正在连接到WCF Web服务。这两种,客户端和web服务使用精确相同的结合,它看起来像这样:

private static NetTcpBinding Message_Security_UserName_Credentials() 
    { 
     NetTcpBinding binding = new NetTcpBinding(); 

     binding.Security.Mode = SecurityMode.Message; 

     binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; 

     binding.Security.Transport.ProtectionLevel = System.Net.Security.ProtectionLevel.EncryptAndSign; 

     binding.PortSharingEnabled = true; 

     return binding; 
    }

客户端发送“定制”的客户端证书的Web服务。自定义客户端凭证类是这样的:

public class CustomClientCredentials : ClientCredentials 
{ 

public CustomClientCredentials() 
{ 
    AuthorizationToken = String.Empty; 

    this.ClientCertificate.Certificate = Certificates.ClientPFX; 

    this.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.Custom; 

    this.ServiceCertificate.Authentication.CustomCertificateValidator = new CustomClientX509CertificateValidator("CN"); 
} 

private string authorizationtoken; 
public string AuthorizationToken 
{ 
    get 
    { 
     return this.authorizationtoken; 
    } 
    set 
    { 
     if (value == null) 
     { 
      throw new ArgumentNullException("value"); 
     } 
     this.authorizationtoken = value; 
    } 
} 


public String Name 
{ 
    set 
    { 
     this.UserName.UserName = value; 
    } 
} 

public String Password 
{ 
    set 
    { 
     this.UserName.Password = value; 
    } 
} 

protected CustomClientCredentials(CustomClientCredentials other) 
    : base(other) 
{ 
    this.AuthorizationToken = other.AuthorizationToken; 
} 

protected override ClientCredentials CloneCore() 
{ 
    return new CustomClientCredentials(this); 
}

}

总之,发送自定义客户端证书到服务的过程是这样的:

ChannelFactory<ILoginService> factory = new ChannelFactory<ILoginService> (binding, endpointaddress); 

factory.Endpoint.Behaviors.Remove<ClientCredentials>(); 

CustomClientCredentials credentials = new CustomClientCredentials() {Name = this.User.EMail, Password = this.User.Password, AuthorizationToken = String.Empty}; 

factory.Endpoint.Behaviors.Add(credentials); 

ILoginService client = factory.CreateChannel(); 

Token result = client.LogIn();

在服务器上,我使用自定义的UserPasswordValidator读出客户端凭据。它看起来像这样:

public class CustomServiceUserNamePasswordValidator : System.IdentityModel.Selectors.UserNamePasswordValidator 
{ 
    public override void Validate(string userName, string password) 
    { 
     if (null == userName || null == password) 
     { 
      throw new ArgumentNullException(); 
     } 
    } 
}

到目前为止一切正常。正如您在我的自定义ClientCredentials类中所看到的,我想向服务器发送更多附加信息。

我的问题是:我必须做什么,读取服务器上接收到的自定义客户端凭据?

我脑海中的理论是,我只需告诉服务器上的服务端点,他应该期待某种类型的凭证,然后他可以评估它们。

来源

2015-08-09 Michael

回答

1

验证自定义客户端凭证可能不是一件容易的任务,但您可以按照此link进行验证。我也建议遵循这个link定制凭证实施。

来源

2015-08-09 06:29:18 jtabuloc

+0

我遵循这两个链接,我完全按照说明操作,并且完美地工作。每个人都应该知道,因为它可能有点令人困惑:对于像我这样以编程方式完成所有WCF工作的人来说,可以跳过“应用程序配置”步骤。您只需要这些类:ClientCredentials,SecurityTokenManager,SecurityTokenAuthenticator和IAuthorizationPolicy。而这对双方而言,意味着客户端和服务器的独立性。 – Michael

+1

首先关注此:https://msdn.microsoft.com/en-us/library/ms730868%28v=vs.110%29.aspx然后按照此:https://msdn.microsoft.com/en-us/ library/ms730079%28v = vs.110%29.aspx,你很好走。 – Michael

相关问题

 相关问题