c# – WCF .net 4.0 HTTP基本身份验证
内容导读
互联网集市收集整理的这篇技术教程文章主要介绍了c# – WCF .net 4.0 HTTP基本身份验证,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含3563字,纯文字阅读大概需要6分钟。
内容图文
我现在已经为此吵了几天了.
我只是尝试使用基本HTTP身份验证将用户名/密码传递到我的RESTful服务中.其他一切都很棒!
这是我的web.config看起来像:
<?xml version="1.0"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add name="UrlRoutingModule" type="System.Web.Routing.UrlRoutingModule, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</modules>
</system.webServer>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<standardEndpoints>
<webHttpEndpoint>
<!--
Configure the WCF REST service base address via the global.asax.cs file and the default endpoint
via the attributes on the <standardEndpoint> element below
-->
<standardEndpoint name="" helpEnabled="true" defaultOutgoingResponseFormat="Json" automaticFormatSelectionEnabled="true"/>
</webHttpEndpoint>
</standardEndpoints>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="ParkingPandaREST.CustomUserNameValidator, ParkingPandaREST" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>
然后我创建了一个具有以下内容的CustomUserNameValidator类:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace ParkingPandaREST
{
public class CustomUserNameValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
{
// This method validates users. It allows in two users, test1 and test2
// with passwords 1tset and 2tset respectively.
// This code is for illustration purposes only and
// must not be used in a production environment because it is not secure.
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException();
}
if (!(userName == "test1" && password == "1tset") && !(userName == "test2" && password == "2tset"))
{
// This throws an informative fault to the client.
throw new System.ServiceModel.FaultException("Unknown Username or Incorrect Password");
// When you do not want to throw an infomative fault to the client,
// throw the following exception.
// throw new SecurityTokenException("Unknown Username or Incorrect Password");
}
}
}
}
我只是在我的本地机器上运行该服务并试图在CustomUserNameValidator类中找到一个断点,但它永远不会到达那里.所以我现在不使用SSL,只是试图获取用户名/密码.
解决方法:
这是我想出的答案.它可能需要稍微调整一下,但它是完成工作所需的核心.
注意:在IIS中关闭基本身份验证
// Get the Header Authorization Value
string headerValue = operationContext.IncomingRequest.Headers[HttpRequestHeader.Authorization];
headerValue = headerValue.Replace("Basic ", "");
headerValue = DecodeBase64String(headerValue);
// Get Username and Password
string userName = headerValue.Substring(0, headerValue.IndexOf(":"));
string password = headerValue.Substring(headerValue.IndexOf(":") + 1, headerValue.Length - userName.Length - 1);
// Do Custom Authorization here with the userName and password
…….
这里还有DecodeBase64String函数
public static string DecodeBase64String(string encodedData)
{
byte[] encodedDataAsBytes = System.Convert.FromBase64String(encodedData);
string returnValue = System.Text.ASCIIEncoding.ASCII.GetString(encodedDataAsBytes);
return returnValue;
}
希望能帮助其他一些有同样问题的人 – 干杯!
内容总结
以上是互联网集市为您收集整理的c# – WCF .net 4.0 HTTP基本身份验证全部内容,希望文章能够帮你解决c# – WCF .net 4.0 HTTP基本身份验证所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。
内容备注
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。
内容手机端
扫描二维码推送至手机访问。