1. 首页
  2. 问答
  3. 使用basicHttpBinding和自定义UserNamePasswordValidator进行WCF身份验证?

使用basicHttpBinding和自定义UserNamePasswordValidator进行WCF身份验证?

2012-11-05 91 views
0

在这里,我正在WCF RESTfull服务中实现自定义usernamepasswordvalidator。我需要的是通过Chrome REST客户端调用此http://localhost:12229/RestServiceImpl.svc/GetStudentObj时,它不验证用户名密码..直接调用此方法并获取结果。我在做什么错误这里??使用basicHttpBinding和自定义UserNamePasswordValidator进行WCF身份验证?

我的界面

[ServiceContract] 
    public interface IRestServiceImpl 
    { 
     [OperationContract] 
     [WebInvoke(Method = "GET", UriTemplate = "/GetStudentObj", RequestFormat = WebMessageFormat.Json, 
      ResponseFormat = WebMessageFormat.Json)] 
     Student GetStudent(); 
    }

SVC

public class RestServiceImpl : IRestServiceImpl 
    { 
     public Student GetStudent() 
     { 
       Student stdObj = new Student 
       { 
        StudentName = "Foo", 
        Age = 29, 
        Mark = 95 
       }; 
       return stdObj; 

     } 

     public class CustomUserNameValidator : UserNamePasswordValidator 
     { 
      public override void Validate(string userName, string password) 
      { 

       if (null == userName || null == password) 
       { 
        throw new ArgumentNullException("You must provide both the username and password to access this service"); 
       } 

       if (!(userName == "user1" && password == "test") && !(userName == "user2" && password == "test")) 
       { 

        throw new SecurityTokenException("Unknown Username or Incorrect Password"); 
       } 
      } 
     } 

    }

和程序Web.Config

<system.serviceModel> 
    <bindings> 
     <webHttpBinding> 
     <binding name="webHttpTransportSecurity"> 
      <security mode="Transport"> 
      <transport clientCredentialType="Basic"></transport> 
      </security> 
     </binding> 
     </webHttpBinding> 
    </bindings> 
    <protocolMapping> 
     <add scheme="http" binding="webHttpBinding"/> 
    </protocolMapping> 
    <services> 
     <service name="RestService.RestServiceImpl" > 
     <endpoint address="" binding="webHttpBinding" contract="RestService.IRestServiceImpl"></endpoint> 
     </service> 
    </services> 
    <behaviors> 
     <endpointBehaviors> 
     <behavior> 
      <webHttp /> 
     </behavior > 
     </endpointBehaviors> 
     <serviceBehaviors> 
     <behavior name="SecureRESTSvcTestBehavior"> 
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/> 
      <serviceDebug includeExceptionDetailInFaults="false"/> 
      <serviceCredentials> 
      <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="RESTfulSecuritySH.CustomUserNameValidator, RESTfulSecuritySH" /> 
      </serviceCredentials> 
     </behavior> 
     </serviceBehaviors> 
    </behaviors> 
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" /> 
    </system.serviceModel>

任何建议?

来源

2012-11-05 bala3569

+0

Downvoted - 你说你想使用basicHttpBinding的,但你使用的wsHttpBinding来代替。 – stephen

回答

0

您似乎没有为您的服务设置自定义行为。

您需要使用behaviorConfiguration属性来告诉你SecureRESTSvcTestBehavior问题的服务:

<service name="RestService.RestServiceImpl" behaviorConfiguration="SecureRESTSvcTestBehavior"> 
    <endpoint address="" binding="webHttpBinding" contract="RestService.IRestServiceImpl"></endpoint> 
</service>

来源

2013-01-31 21:37:02 Yaniv

相关问题

 相关问题