当前位置:编程学习 > 网站相关 >>

化零为整WCF(17) - 安全(Security)

作者:webabcd


介绍
WCF(Windows Communication Foundation) - 安全(Security):本文以用户名和密码做验证,通过X.509证书做加密为例


示例
1、证书
setup.bat
makecert -sr LocalMachine -ss My -a sha1 -n CN=Webabcd -sky exchange -pe
certmgr -add -r LocalMachine -s My -c -n Webabcd -s TrustedPeople


2、服务
IHello.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

using System.ServiceModel;

namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// IHello接口
    /// </summary>
    [ServiceContract]
    public interface IHello
    {
        /**//// <summary>
        /// 打招呼方法
        /// </summary>
        /// <param name="name">人名</param>
        /// <returns></returns>
        [OperationContract]
        string SayHello(string name);
    }
}


Hello.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

using System.ServiceModel;

namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// Hello类
    /// </summary>
    public class Hello : IHello
    {
        /**//// <summary>
        /// 打招呼方法
        /// </summary>
        /// <param name="name">人名</param>
        /// <returns></returns>
        public string SayHello(string name)
        {
            return "Hello: " + name;
        }
    }
}


CustomNamePasswordValidator.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

using System.ServiceModel;

namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// 自定义的用户名/密码验证类
    /// </summary>
    public class CustomNamePasswordValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
    {
        /**//// <summary>
        /// 验证指定的用户名和密码
        /// </summary>
        /// <param name="userName">要验证的用户名</param>
        /// <param name="password">要验证的密码</param>
        public override void Validate(string userName, string password)
        {
            if (!(userName == "webabcd" && password == "webabcd"))
            {
                throw new FaultException("用户名或密码不正确");
            }
        }
    }
}

 

3、宿主
Hello.svc

<%@ ServiceHost Language="C#" Debug="true" Service="WCF.ServiceLib.Security.Hello" %>

Web.config

<?xml version="1.0"?>
<configuration>
    <system.serviceModel>
        <services>
            <!--name - 提供服务的类名-->
            <!--behaviorConfiguration - 指定相关的行为配置-->
            <service name="WCF.ServiceLib.Security.Hello" behaviorConfiguration="SecurityBehavior">
                <!--address - 服务地址-->
                <!--binding - 通信方式-->
                <!--contract - 服务契约-->
                <endpoint address="" binding="wsHttpBinding" contract="WCF.ServiceLib.Security.IHello" bindingConfiguration="SecurityBindingConfiguration"  />
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="SecurityBehavior">
                    <!--httpGetEnabled - 指示是否发布服务元数据以便使用 HTTP/GET 请求进行检索,如果发布 WSDL,则为 true,否则为 false,默认值为 false-->
                    <serviceMetadata httpGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                    <serviceCredentials>
                        <!--userNamePasswordValidationMode - 以用户名/密码模式来进行验证的方法-->
                        <!--UserNamePasswordValidationMode.Windows - 用户名映射到 Windows 用户-->
                        <!--UserNamePasswordValidationMode.MembershipProvider - 提供基于已配置的 MembershipProvider 的密码验证-->
                        <!--UserNamePasswordValidationMode.Custom - 基于已配置的自定义 UsernamePasswordValidator 的自定义身份验证-->
                        <!--customUserNamePasswordValidatorType - 所使用的自定义用户名密码验证程序的类型-->
                        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCF.ServiceLib.S

补充:综合编程 , 其他综合 ,
CopyRight © 2012 站长网 编程知识问答 www.zzzyk.com All Rights Reserved
部份技术文章来自网络,