[C#.NET][WCF] wsHttpBinding @self-host 的安全性 使用 Custom UserName 類別覆寫 Windows User Name 驗証
[WCF] wsHttpBinding host 的安全性–使用 Windows UserName 驗証,在WCF裡除了利用Windows UserName 驗証之外,也可以實作抽像 UserNamePasswordValidator 類別
Step1.實作 UserNamePasswordValidator 抽像類別
新建一個WcfServiceLibraryIdentity 類別專案,然後建立 Validator 類別
namespace WcfServiceLibraryIdentity
{
public class Validator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (userName != "yao" || password != "0911")
{
throw new SecurityTokenValidationException("The user could not be authenticated");
}
}
}
}
在 WcfServiceLibrary 專案裡要參考 WcfServiceLibraryIdentity 專案
Step2.設定WcfServiceLibrary專案的App.Config
寫好自訂驗証類別後,接下來就在App.Config裡套用,App.Config 跟上篇不一樣的地方只有這裡
customUserNamePasswordValidatorType="WcfServiceLibraryIdentity.Validator,WcfServiceLibraryIdentity"
userNamePasswordValidationMode="Custom"
存檔後,所產品出來的App.Config如下
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.web>
<compilation debug="true" />
</system.web>
<!-- When deploying the service library project, the content of the config file must be added to the host's
app.config file. System.Configuration does not support config files for libraries. -->
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="wsHttpBinding.Config">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="WcfServiceLibrary.ServiceBehavior"
name="WcfServiceLibrary.Service">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding.Config"
contract="WcfServiceLibrary.IService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://localhost:168" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WcfServiceLibrary.ServiceBehavior">
<serviceCredentials>
<clientCertificate>
<authentication certificateValidationMode="None" />
</clientCertificate>
<serviceCertificate findValue="CN=WCFServer" />
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WcfServiceLibraryIdentity.Validator,WcfServiceLibraryIdentity" />
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
Step3.設定Client端的App.Config及程式碼
程式碼與設定步驟跟上篇一樣,在此貼出App.Config
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="EndPointBehavior.Config">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="WSHttpBinding_IService">
<security>
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<client>
<endpoint address="http://輸入遠端Address:168/" behaviorConfiguration="EndPointBehavior.Config"
binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService"
contract="WcfServiceLibrary.IService" name="WSHttpBinding_IService">
<identity>
<dns value="WCFServer" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
這樣一來就覆寫掉了Windows UserName的驗証了
若有謬誤,煩請告知,新手發帖請多包涵
Microsoft MVP Award 2010~2017 C# 第四季
Microsoft MVP Award 2018~2022 .NET
