How to: Use a Custom User Name and Password Validator
2015-07-28 13:34
453 查看
在wcf中使用自定义的用户名和密码验证方式
https://msdn.microsoft.com/en-us/library/aa702565.aspx http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti
When using message security, add one of the system-provided bindings, such as a <wsHttpBinding>, or a <customBinding> that supports message security and the UserName credential type.
When using transport-level security over HTTP(S), add either the <wsHttpBinding> or <basicHttpBinding>, a <netTcpBinding> or a <customBinding> that uses HTTP(S) and the Basic authentication scheme.
In the configuration file, under the <system.serviceModel> element, add a <bindings> element.
Add a <wsHttpBinding> or <basicHttpBinding> element to the bindings section. For more information about creating an WCF binding element, see How to: Specify a Service Binding in Configuration.
Set the mode attribute of the <security> of <wsHttpBinding> or <security> of <basicHttpBinding> to Message, Transport, or TransportWithMessageCredential.
Set the clientCredentialType attribute of the <message> of <wsHttpBinding> or <transport> of <wsHttpBinding>.
如果第3步使用的是Security是Message,那么就设置MessageSecurity的MessageClientCredentialType为UserName
When using message security, set the clientCredentialType attribute of the <message> of <wsHttpBinding> to UserName.
When using transport-level security over HTTP(S), set the clientCredentialType attribute of the <transport> of <wsHttpBinding> or <transport> of <basicHttpBinding> to Basic.
For more information about creating an WCF binding element, see How to: Specify a Service Binding in Configuration.
The following example shows the configuration code for the binding.
netTcpBinding的security的Mode属性,可以设置为4种类型,选择Message
如果Mode设置为Message的话,那么就需要设置MessageSecurity的MessageClientCredentialType为UserName
如果Mode设置为Transport的话,那么就需要设置TransportSecurity的TransportClientCredentialType
2.Configure a behavior that specifies that a custom user name and password validator is used to validate user name and password pairs for incoming UserNameSecurityToken security tokens.
As a child to the <system.serviceModel> element, add a <behaviors> element.
Add a <serviceBehaviors> to the <behaviors> element.
Add a <behavior> of <serviceBehaviors> element and set the name attribute to an appropriate value.
Add a <serviceCredentials> to the <behavior> of <serviceBehaviors> element.
Add a <userNameAuthentication> to the <serviceCredentials>.
Set the userNamePasswordValidationMode to Custom.
Set the customUserNamePasswordValidatorType to the type that represents your custom user name and password validator.
The following example shows the <serviceCredentials> fragment to this point.
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Microsoft.ServiceModel.Samples.CalculatorService.CustomUserNameValidator, service" />
</serviceCredentials>
https://msdn.microsoft.com/en-us/library/aa702565.aspx http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti
To configure a service to use a custom user name and password validator
Configure a binding that uses message security over any transport or transport-level security over HTTP(S).When using message security, add one of the system-provided bindings, such as a <wsHttpBinding>, or a <customBinding> that supports message security and the UserName credential type.
When using transport-level security over HTTP(S), add either the <wsHttpBinding> or <basicHttpBinding>, a <netTcpBinding> or a <customBinding> that uses HTTP(S) and the Basic authentication scheme.
Note |
---|
When .NET Framework version 3.5 or later is used, you can use a custom username and password validator with message and transport security. With WinFX, a custom username and password validator can only be used with message security. |
Tip |
---|
For more information on using <netTcpBinding> in this context, see <security> of <netTcpBinding> |
Add a <wsHttpBinding> or <basicHttpBinding> element to the bindings section. For more information about creating an WCF binding element, see How to: Specify a Service Binding in Configuration.
Set the mode attribute of the <security> of <wsHttpBinding> or <security> of <basicHttpBinding> to Message, Transport, or TransportWithMessageCredential.
Set the clientCredentialType attribute of the <message> of <wsHttpBinding> or <transport> of <wsHttpBinding>.
如果第3步使用的是Security是Message,那么就设置MessageSecurity的MessageClientCredentialType为UserName
When using message security, set the clientCredentialType attribute of the <message> of <wsHttpBinding> to UserName.
When using transport-level security over HTTP(S), set the clientCredentialType attribute of the <transport> of <wsHttpBinding> or <transport> of <basicHttpBinding> to Basic.
Note |
---|
When a WCF service is hosted in Internet Information Services (IIS) using transport-level security and the UserNamePasswordValidationMode property is set to Custom, the custom authentication scheme uses a subset of Windows authentication. That is because in this scenario, IIS performs Windows authentication prior to WCF invoking the custom authenticator. |
The following example shows the configuration code for the binding.
<system.serviceModel> <bindings> <wsHttpBinding> <binding name="Binding1"> <security mode="Message"> <message clientCredentialType="UserName" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel>
netTcpBinding的security的Mode属性,可以设置为4种类型,选择Message
如果Mode设置为Message的话,那么就需要设置MessageSecurity的MessageClientCredentialType为UserName
如果Mode设置为Transport的话,那么就需要设置TransportSecurity的TransportClientCredentialType
2.Configure a behavior that specifies that a custom user name and password validator is used to validate user name and password pairs for incoming UserNameSecurityToken security tokens.
As a child to the <system.serviceModel> element, add a <behaviors> element.
Add a <serviceBehaviors> to the <behaviors> element.
Add a <behavior> of <serviceBehaviors> element and set the name attribute to an appropriate value.
Add a <serviceCredentials> to the <behavior> of <serviceBehaviors> element.
Add a <userNameAuthentication> to the <serviceCredentials>.
Set the userNamePasswordValidationMode to Custom.
Important |
---|
If the userNamePasswordValidationMode value is not set, WCF uses Windows authentication instead of the custom user name and password validator. |
The following example shows the <serviceCredentials> fragment to this point.
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Microsoft.ServiceModel.Samples.CalculatorService.CustomUserNameValidator, service" />
</serviceCredentials>
相关文章推荐
- Java printf()占位符
- Python webservice 得到天气状态
- oracle 创建字段自增长——两种实现方式汇总(转)
- zoj1091(深度搜索
- Mysql错误及处理总结
- IAR开发STM8,如何加入每次编译的日期时间信息来做为版本信息
- C#判断一个类实现了一个接口
- jQuery中的.bind()、.live()和.delegate()之间区别分析(转)
- krpano音量控制(我们已经转移到krpano中国网站 krpano360.com)
- krpano音量控制(我们已经转移到krpano中国网站 krpano360.com)
- ubuntu彻底删除wine
- Xms Xmx PermSize MaxPermSize 区别
- PAT (Advanced Level) 1063. Set Similarity (25) set的相似度
- linux driver 简单实例
- Spring 注释 @Autowired 和@Resource 的区别
- 阿里电话面试
- 解析大型.NET ERP系统 20条数据库设计规范
- asterisk manager api 配置 (manager.conf)
- 黑马程序员----0704期java开发前奏
- Linux中fork()函数详解