化零为整WCF(17) - 安全(Security)


作者：webabcd

介绍
WCF(Windows Communication Foundation) - 安全(Security)：本文以用户名和密码做验证，通过X.509证书做加密为例

示例
1、证书
setup.bat 
makecert -sr LocalMachine -ss My -a sha1 -n CN=Webabcd -sky exchange -pe
certmgr -add -r LocalMachine -s My -c -n Webabcd -s TrustedPeople

2、服务
IHello.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// IHello接口
    /// </summary>
    [ServiceContract]
    public inte易做图ce IHello
    {
        /**//// <summary>
        /// 打招呼方法
        /// </summary>
        /// <param name="name">人名</param>
        /// <returns></returns>
        [OperationContract]
        string SayHello(string name);
    }
}

Hello.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// Hello类
    /// </summary>
    public class Hello : IHello
    {
        /**//// <summary>
        /// 打招呼方法
        /// </summary>
        /// <param name="name">人名</param>
        /// <returns></returns>
        public string SayHello(string name)
        {
            return "Hello: " + name;
        }
    }
}

CustomNamePasswordValidator.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel;
namespace WCF.ServiceLib.Security
{
    /**//// <summary>
    /// 自定义的用户名/密码验证类
    /// </summary>
    public class CustomNamePasswordValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
    {
        /**//// <summary>
        /// 验证指定的用户名和密码
        /// </summary>
        /// <param name="userName">要验证的用户名</param>
        /// <param name="password">要验证的密码</param>
        public override void Validate(string userName, string password)
        {
            if (!(userName == "webabcd" && password == "webabcd"))
            {
                throw new FaultException("用户名或密码不正确");
            }
        }
    }
}
 
3、宿主
Hello.svc
<%@ ServiceHost Language="C#" Debug="true" Service="WCF.ServiceLib.Security.Hello" %>
Web.config
<?xml version="1.0"?>
<configuration>
    <system.serviceModel>
        <services>
            <!--name - 提供服务的类名-->
            <!--behaviorConfiguration - 指定相关的行为配置-->
            <service name="WCF.ServiceLib.Security.Hello" behaviorConfiguration="SecurityBehavior">
                <!--address - 服务地址-->
                <!--binding - 通信方式-->
                <!--contract - 服务契约-->
                <endpoint address="" binding="wsHttpBinding" contract="WCF.ServiceLib.Security.IHello" bindingConfiguration="SecurityBindingConfiguration"  />
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="SecurityBehavior">
                    <!--httpGetEnabled - 指示是否发布服务元数据以便使用 HTTP/GET 请求进行检索，如果发布 WSDL，则为 true，否则为 false，默认值为 false-->
                    <serviceMetadata httpGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="true"/>
                    <serviceCredentials>
                        <!--userNamePasswordValidationMode - 以用户名/密码模式来进行验证的方法-->
                        <!--UserNamePasswordValidationMode.Windows - 用户名映射到 Windows 用户-->
                        <!--UserNamePasswordValidationMode.MembershipProvider - 提供基于已配置的 MembershipProvider 的密码验证-->
                        <!--UserNamePasswordValidationMode.Custom - 基于已配置的自定义 UsernamePasswordValidator 的自定义身份验证-->
                        <!--customUserNamePasswordValidatorType - 所使用的自定义用户名密码验证程序的类型-->
                        <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCF.ServiceLib.S

补充：综合编程 , 其他综合 ,