http://www.cnblogs.com/artech/archive/2011/05/22/authentication_01.html

https://www.cnblogs.com/Frank-yafeya/p/3283699.html

https://www.cnblogs.com/jfzhu/p/4067873.html

https://www.cnblogs.com/niaowo/p/4727378.html

1. server

a. implement UserNamePasswordValidator

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.IdentityModel.Selectors;
    using System.ServiceModel;

    namespace WcfService1.Common
    {
        // Called by WCF for every message that carries a UserName token.
        public class CustomUserNameValidator : UserNamePasswordValidator
        {
            public override void Validate(string userName, string password)
            {
                // Demo only: a single hard-coded account compared in plaintext.
                if (userName != "admin" || password != "abc123")
                {
                    throw new FaultException("UserName or Password is incorrect!");
                }
            }
        }
    }

b. generate certificate

    makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=WcfServerCert -sky exchange -pe

c. config

<?xml version="1.0"?>
<configuration>
  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>
  <system.web>
    <compilation debug="true" targetFramework="4.7" />
    <httpRuntime targetFramework="4.7"/>
  </system.web>
  <system.serviceModel>
    <services>
      <service name="WcfService1.Service1" behaviorConfiguration="securityBehaviorConfig">
        <endpoint address="" binding="wsHttpBinding" contract="WcfService1.Contract.IService1"
                  bindingConfiguration="wsBindingConfig" />
        <host>
          <baseAddresses>
            <add baseAddress="http://localhost/wcf/Service1" />
          </baseAddresses>
        </host>
      </service>
      <service name="WcfService1.UserService">
        <endpoint address="" behaviorConfiguration="WcfService1.UserServiceAspNetAjaxBehavior"
                  binding="webHttpBinding" contract="WcfService1.UserService" />
      </service>
    </services>
    <behaviors>
      <endpointBehaviors>
        <behavior name="WcfService1.UserServiceAspNetAjaxBehavior">
          <webHttp />
        </behavior>
      </endpointBehaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
        <behavior name="securityBehaviorConfig">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <serviceCertificate findValue="WcfServerCert" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/>
            <userNameAuthentication
                userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="WcfService1.Common.CustomUserNameValidator, WcfService1"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <wsHttpBinding>
        <binding name="wsBindingConfig">
          <security mode="Message">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true"
                               multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
    <!--
      To browse web app root directory during debugging, set the value below to true.
      Set to false before deployment to avoid disclosing web app folder information.
    -->
    <directoryBrowse enabled="true"/>
  </system.webServer>
  <system.diagnostics>
    <sources>
      <source name="System.ServiceModel"
              switchValue="Information, ActivityTracing"
              propagateActivity="true" >
        <listeners>
          <add name="xml"/>
        </listeners>
      </source>
      <source name="System.ServiceModel.MessageLogging">
        <listeners>
          <add name="xml"/>
        </listeners>
      </source>
      <source name="myUserTraceSource"
              switchValue="Information, ActivityTracing">
        <listeners>
          <add name="xml"/>
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <add name="xml"
           type="System.Diagnostics.XmlWriterTraceListener"
           initializeData="Error.svclog" />
    </sharedListeners>
  </system.diagnostics>
</configuration>

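In certlm.msc, add the IIS AppPool\AppPoolName account to the certificate so that the service can read its private key. Replace AppPoolName with the name of the application pool, which here is WCFDemo.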

2. client

    // Namespaces needed: System, System.ServiceModel, System.ServiceModel.Security
    var wsBinding = new WSHttpBinding();
    wsBinding.Security.Mode = SecurityMode.Message;
    wsBinding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;

    // for exception: Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was 'localhost' but the remote endpoint provided DNS
    EndpointIdentity identity = EndpointIdentity.CreateDnsIdentity("WcfServerCert");
    EndpointAddress endAddress = new EndpointAddress(new Uri("http://localhost/wcf/Service1.svc"), identity);

    using (var factory = new ChannelFactory<IService1>(wsBinding, endAddress))
    {
        factory.Credentials.UserName.UserName = "admin";
        factory.Credentials.UserName.Password = "abc123";
        // Turns off validation of the service certificate; the makecert test
        // certificate does not chain to a trusted root.
        factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
            X509CertificateValidationMode.None;

        var proxy = factory.CreateChannel();
        string result = proxy.GetData();
        Console.WriteLine(result);
    }
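An alternative to X509CertificateValidationMode.None for the client above, as an added example that is not part of the original page: a custom validator that accepts only the one expected service certificate, identified by thumbprint. The class name PinnedCertificateValidator and its Apply helper are assumptions, and the thumbprint must be read from the WcfServerCert certificate in certlm.msc.

```csharp
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Security;

// Added example (not the page's code): accept only the one expected service certificate.
public class PinnedCertificateValidator : X509CertificateValidator
{
    private readonly string _thumbprint;

    public PinnedCertificateValidator(string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(thumbprint))
            throw new ArgumentException("A thumbprint is required.", "thumbprint");
        // certlm.msc shows the thumbprint with spaces; normalise before comparing.
        _thumbprint = thumbprint.Replace(" ", string.Empty).ToUpperInvariant();
    }

    public override void Validate(X509Certificate2 certificate)
    {
        if (certificate == null)
            throw new SecurityTokenValidationException("No service certificate presented.");
        if (!string.Equals(certificate.Thumbprint, _thumbprint, StringComparison.OrdinalIgnoreCase))
            throw new SecurityTokenValidationException("Service certificate does not match the pinned thumbprint.");
        DateTime now = DateTime.Now; // NotBefore and NotAfter are expressed in local time
        if (now < certificate.NotBefore || now > certificate.NotAfter)
            throw new SecurityTokenValidationException("Service certificate is outside its validity period.");
    }

    // Hypothetical helper: call on the factory before factory.CreateChannel().
    public static void Apply(ChannelFactory factory, string thumbprint)
    {
        var auth = factory.Credentials.ServiceCertificate.Authentication;
        auth.CertificateValidationMode = X509CertificateValidationMode.Custom;
        auth.CustomCertificateValidator = new PinnedCertificateValidator(thumbprint);
    }
}
```

In the client, PinnedCertificateValidator.Apply(factory, "<THUMBPRINT-OF-WcfServerCert>") replaces the CertificateValidationMode assignment; the quoted value is a placeholder.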
