在wcf中使用自定义的用户名和密码验证方式
https://msdn.microsoft.com/en-us/library/aa702565.aspx
http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti
To configure a service to use a custom user name and password validator
-
Configure a binding that uses message security over any transport or transport-level security over HTTP(S).
When using message security, add one of the system-provided bindings, such as a <wsHttpBinding>, or a <customBinding> that supports message security and the UserName credential type.
When using transport-level security over HTTP(S), add either the <wsHttpBinding> or <basicHttpBinding>, a <netTcpBinding> or a <customBinding> that uses HTTP(S) and the Basic authentication scheme.
NoteWhen .NET Framework version 3.5 or later is used, you can use a custom username and password validator with message and transport security. With WinFX, a custom username and password validator can only be used with message security.
TipFor more information on using <netTcpBinding> in this context, see <security> of <netTcpBinding>
-
In the configuration file, under the <system.serviceModel> element, add a <bindings> element.
-
Add a <wsHttpBinding> or <basicHttpBinding> element to the bindings section. For more information about creating an WCF binding element, see How to: Specify a Service Binding in Configuration.
-
Set the mode attribute of the <security> of <wsHttpBinding> or <security> of <basicHttpBinding> to Message, Transport, or TransportWithMessageCredential.
-
Set the clientCredentialType attribute of the <message> of <wsHttpBinding> or <transport> of <wsHttpBinding>.
-
如果第3步使用的是Security是Message,那么就设置MessageSecurity的MessageClientCredentialType为UserName
When using message security, set the clientCredentialType attribute of the <message> of <wsHttpBinding> to UserName.
When using transport-level security over HTTP(S), set the clientCredentialType attribute of the <transport> of <wsHttpBinding> or <transport> of <basicHttpBinding> to Basic.
| Note |
|---|
|
When a WCF service is hosted in Internet Information Services (IIS) using transport-level security and the UserNamePasswordValidationMode property is set to Custom, the custom authentication scheme uses a subset of Windows authentication. That is because in this scenario, IIS performs Windows authentication prior to WCF invoking the custom authenticator. |
For more information about creating an WCF binding element, see How to: Specify a Service Binding in Configuration.
The following example shows the configuration code for the binding.
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="Binding1">
<security mode="Message">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>
netTcpBinding的security的Mode属性,可以设置为4种类型,选择Message
2.Configure a behavior that specifies that a custom user name and password validator is used to validate user name and password pairs for incoming UserNameSecurityToken security tokens.
-
As a child to the <system.serviceModel> element, add a <behaviors> element.
-
Add a <serviceBehaviors> to the <behaviors> element.
-
Add a <behavior> of <serviceBehaviors> element and set the name attribute to an appropriate value.
-
Add a <serviceCredentials> to the <behavior> of <serviceBehaviors> element.
-
Add a <userNameAuthentication> to the <serviceCredentials>.
-
Set the userNamePasswordValidationMode to Custom.
ImportantIf the userNamePasswordValidationMode value is not set, WCF uses Windows authentication instead of the custom user name and password validator.
-
Set the customUserNamePasswordValidatorType to the type that represents your custom user name and password validator.
The following example shows the <serviceCredentials> fragment to this point.
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Microsoft.ServiceModel.Samples.CalculatorService.CustomUserNameValidator, service" />
</serviceCredentials>
