0
我想要做的是确保我的服务。为此,我使用UserNameAuthentication。我做了绑定和一切,但有一些原因,当我启动服务,我没有得到验证提示! 验证方法未触发!WCF 3.5 UserNameAuthentication不起作用?
这里是我的webConfig
我不知道我在这里失踪!
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
<service behaviorConfiguration="IPhone.Service1Behavior" name="MobileService.IPhone">
<endpoint address="" binding="wsHttpBinding" contract="MobileService.IIPhone" bindingConfiguration="SafeServiceConf">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="IPhone.Service1Behavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="MobileService.CustomValidator, MobileService" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="SafeServiceConf" maxReceivedMessageSize="65536">
<readerQuotas maxStringContentLength="65536" maxArrayLength="65536"
maxBytesPerRead="65536" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
这是我在IPhone.svc代码进行验证
我把的CustomValidator类里面的服务!
public class CustomValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (userName == "test" && password == "test")
return;
throw new SecurityTokenException(
"Unknown Username or Password");
}
}
任何帮助?
我只是想确保.svc文件!我可以提示客户,但如果有人直接访问URL,他们可以访问服务权限? – HardCode
不,如果您使用的是UserNamePasswordValidator并且它们没有通过正确的ClientCredintials(即用户名和密码),用户将无法调用您的服务。 – ChrisNel52