热门:网页模板.net视频教程JQueryMVCjsonExtJs源码示例三级联动JQuery菜单
您现在的位置:.Net中文社区>> .Net编程>>正文内容

WCF身份验证之用户名密码认证

发布时间:2010年06月01日点击数: 佚名

WCF支持多种认证技术,例如Windowns认证、X509证书、Issued Tokens、用户名密码认证等,在跨Windows域分布的系统中,用户名密码认证是比较常用的,要实现用户名密码认证,就必须需要X509证书,用来加密用户名和密码。

1. 创建数字证书

makecert -sr localmachine -ss My -n CN=ejiyuan -sky exchange -pe -r。

2. 创建服务代码  

  1. [ServiceContract] 
  2.     public interface ICalculator 
  3.     { 
  4.         [OperationContract] 
  5.         double add(double x, double y); 
  6.     } 
  7.  
  8.     public class CalculatorService : ICalculator 
  9.     { 
  10.  
  11.         public double add(double x, double y) 
  12.         { 
  13.             return x + y; 
  14.         } 
  15.     } 
  16.     class Program 
  17.     { 
  18.         static void Main(string[] args) 
  19.         { 
  20.             ServiceHost _serviceHost = new ServiceHost(typeof(CalculatorService)); 
  21.             _serviceHost.Opened += (s, q) => 
  22.             {  
  23.                 Console.WriteLine("服务已启动"); 
  24.                 Console.Read();  
  25.             }; 
  26.             _serviceHost.Open(); 
  27.         } 
  28.     } 

3. 设置安全验证模式 

  1. <bindings> 
  2.       <netTcpBinding> 
  3.         <binding name="nonSessionBinding"> 
  4.           <!--当前绑定的安全认证模式--> 
  5.           <security mode="Message" > 
  6.             <!--定义消息级安全性要求的类型,为证书--> 
  7.             <message clientCredentialType="UserName" /> 
  8.           </security> 
  9.         </binding> 
  10.       </netTcpBinding> 
  11.     </bindings> 

4. 设置服务凭据值

  1. <behaviors> 
  2.       <serviceBehaviors > 
  3.         <behavior name="CalculatorServiceBehavior" > 
  4.           <serviceCredentials> 
  5.             <!--指定一个 X.509 证书,用户对认证中的用户名密码加密解密--> 
  6.             <serviceCertificate findValue="CN=ejiyuan" x509FindType="FindBySubjectDistinguishedName" storeLocation="LocalMachine" storeName="My"/> 
  7.             <clientCertificate> 
  8.               <!--自定义对客户端进行证书认证方式 这里为 None--> 
  9.               <authentication certificateValidationMode="None"/> 
  10.             </clientCertificate>  
  11.             <!--自定义用户名和密码验证的设置-->             
  12.             <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Wcf.Extensions.Security.UserNamePasswordValidator,Wcf.Extensions.Security" />            
  13.           </serviceCredentials>           
  14.         </behavior> 
  15.       </serviceBehaviors> 
  16.     </behaviors> 

5. 自定义证书验证
   通过继承自'System.IdentityModel.Selectors.UserNamePasswordValidator',然后我们重写里面的'Validate'方法来实现用户名密码认证逻辑

  1. public class UserNamePasswordValidator : System.IdentityModel.Selectors.UserNamePasswordValidator 
  3.     public override void Validate(string userName, string password) 
  4.     { 
  5.         if (userName != "ejiyuan" || password != "123456"
  6.         { 
  7.             throw new System.IdentityModel.Tokens.SecurityTokenException("Unknown Username or Password"); 
  8.         } 
  9.     } 

6. 客户端代码   

  1. class Program 
  3.     static void Main(string[] args) 
  4.     { 
  5.         CalculatorClient client = new CalculatorClient(); 
  6.         //指定认证的用户名和密码 
  7.         client.ClientCredentials.UserName.UserName = "ejiyuan"
  8.         client.ClientCredentials.UserName.Password = "123456"
  9.  
  10.         var q = client.add(1, 2); 
  11.         Console.WriteLine(client.add(1,2)); 
  12.         Console.Read(); 
  13.     } 

7. 客户端配置信息(自动生成的) 

  1. <system.serviceModel> 
  2.     <bindings> 
  3.         <netTcpBinding> 
  4.             <binding name="NetTcpBinding_ICalculator" > 
  5.                 <security mode="Message"> 
  6.                     <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign" /> 
  7.                     <message clientCredentialType="UserName" /> 
  8.                 </security> 
  9.             </binding> 
  10.         </netTcpBinding> 
  11.     </bindings> 
  12.     <client> 
  13.         <endpoint address="net.tcp://192.168.101.13:8000/calculatorservice" 
  14.             binding="netTcpBinding" bindingConfiguration="NetTcpBinding_ICalculator" 
  15.             contract="ServiceReference1.ICalculator" name="NetTcpBinding_ICalculator"> 
  16.             <identity> 
  17.                 <certificate encodedValue="AwAAAAEAAAAUAAAAgvtzbyRkxIGFn4UuyxD2+XJsJl8gAAAAAQAAAPQBAAAwggHwMIIBWaADAgECAhB/oj2gX287pUAmeLEVtWucMA0GCSqGSIb3DQEBBAUAMBIxEDAOBgNVBAMTB2VqaXl1YW4wHhcNMTAwNTI4MDkyNjQzWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdlaml5dWFuMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfOgnw6Vs7gS52Gsud0WsuFOoDeF4+4DL1HFIpQupdExtIkWwY2v2/t/pWHRRvPE/aPf3M6axUYaT4pQqPXBHQR1lb0Hi6XLUGkzsEk7tjiEMEkpt+/8rQIdtXlmmry7yDixoX8PKEd5cGAISjEdbVKJqjQnC55rQXeDYlIXoqlwIDAQABo0cwRTBDBgNVHQEEPDA6gBCTu+dYQbdaauBGEk3SjJ5FoRQwEjEQMA4GA1UEAxMHZWppeXVhboIQf6I9oF9vO6VAJnixFbVrnDANBgkqhkiG9w0BAQQFAAOBgQA1jOywoJ5Xh6B6W3Vw7xPa9A6AH0WtedXPd4YbCU465UdKeP5G2HtKLpS20MnkU6lIh22lxMnb3WGZh70l5Sg1Hl0j/SklLKtOXzeQnVLaPundd9RS1TD/hHwVyu+89cr0866etfGwI9IDpwjhj5ixT3VUHI3eGrXRj+IGx8/W8Q==" /> 
  18.             </identity> 
  19.         </endpoint> 
  20.     </client> 
  21. </system.serviceModel> 

随机文章推荐

本站热点业务

更多模板/案例展示

热门推荐

最近更新

关于我们 | 联系我们 | 团队日志 | 网站地图 | 网站合作
本站部份资源来于互联网,只供学习之用,不得用于商业,如有侵犯版权请联系告知,本站将第一时间删除!
copyright © 2008-2010 .Net中文社区 ASPXCS.NET™.All Rights Reserved 滇ICP备08102132号