[C#.NET][WCF] wsHttpBinding @self-host 的安全性 使用 Custom UserName 類別覆寫 Windows User Name 驗証

  • 3955
  • 0
  • WCF
  • 2013-10-25

[C#.NET][WCF] wsHttpBinding @self-host 的安全性 使用 Custom UserName 類別覆寫 Windows User Name 驗証

[WCF] wsHttpBinding host 的安全性–使用 Windows UserName 驗証,在WCF裡除了利用Windows UserName 驗証之外,也可以實作抽像 UserNamePasswordValidator 類別

 

Step1.實作 UserNamePasswordValidator 抽像類別

新建一個WcfServiceLibraryIdentity 類別專案,然後建立 Validator 類別

namespace WcfServiceLibraryIdentity
{
    public class Validator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            if (userName != "yao" || password != "0911")
            {
                throw new SecurityTokenValidationException("The user could not be authenticated");
            }
        }
    }
}

image

 

在 WcfServiceLibrary 專案裡要參考 WcfServiceLibraryIdentity 專案

image

 

Step2.設定WcfServiceLibrary專案的App.Config

寫好自訂驗証類別後,接下來就在App.Config裡套用,App.Config 跟上篇不一樣的地方只有這裡

customUserNamePasswordValidatorType="WcfServiceLibraryIdentity.Validator,WcfServiceLibraryIdentity"

userNamePasswordValidationMode="Custom"

image

 

 

存檔後,所產品出來的App.Config如下

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

  <system.web>
    <compilation debug="true" />
  </system.web>
  <!-- When deploying the service library project, the content of the config file must be added to the host's
  app.config file. System.Configuration does not support config files for libraries. -->
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpBinding.Config">
          <security>
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="WcfServiceLibrary.ServiceBehavior"
        name="WcfServiceLibrary.Service">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding.Config"
          contract="WcfServiceLibrary.IService">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration=""
          contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost:168" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WcfServiceLibrary.ServiceBehavior">
          <serviceCredentials>
            <clientCertificate>
              <authentication certificateValidationMode="None" />
            </clientCertificate>
            <serviceCertificate findValue="CN=WCFServer" />
            <userNameAuthentication userNamePasswordValidationMode="Custom"
              customUserNamePasswordValidatorType="WcfServiceLibraryIdentity.Validator,WcfServiceLibraryIdentity" />
          </serviceCredentials>
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

</configuration>

 

Step3.設定Client端的App.Config及程式碼

程式碼與設定步驟跟上篇一樣,在此貼出App.Config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <endpointBehaviors>
        <behavior name="EndPointBehavior.Config">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="None" revocationMode="NoCheck" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding name="WSHttpBinding_IService">
          <security>
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://輸入遠端Address:168/" behaviorConfiguration="EndPointBehavior.Config"
          binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService"
          contract="WcfServiceLibrary.IService" name="WSHttpBinding_IService">
        <identity>
          <dns value="WCFServer" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>


這樣一來就覆寫掉了Windows UserName的驗証了

SNAGHTML1b41a1c9

 

若有謬誤,煩請告知,新手發帖請多包涵


Microsoft MVP Award 2010~2017 C# 第四季
Microsoft MVP Award 2018~2022 .NET

Image result for microsoft+mvp+logo