Silverlight+wcf 结合窗体验证演示

网上查阅了相关WCF的例子，一般都要证书，对于简单的安全性不高的wcf如果寄宿在IIS中wcf的验证完全可基于asp.net 的窗体验证

http://blog.csdn.net/shanyou/archive/2009/09/06/4680978.aspx

该文对“WCF服务中操作FormsAuthentication的Cookie”操作有详细的说明

//建立user wcf锲约

    [ServiceContract(Namespace = "")]

    public interface IUser
    {
        [OperationContract]
        LoginMessage DoWork(string name);

[OperationContract]
LoginMessage Login(string username, string pass);

        [OperationContract]
        void SignOut();
    }

    /// <summary>
    /// login DataContract
    /// </summary>
    [DataContract]
    public class LoginMessage
    {

        [DataMember]
        public string Text;
    }

//实现接口

// 注意: 如果更改此处的类名 "User"，也必须更新 App.config 中对 "User" 的引用。
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
    public class User : IUser
    {

        public LoginMessage DoWork(string name)
        {
            LoginMessage a = new LoginMessage();
            if (UserAuthenticate.isAuthenticate())
            {
                a.Text = "hello " + HttpContext.Current.User.Identity.Name.Trim();
            }
            else
            {
                a.Text="notlogin";
            }
            return a;
        }

        public LoginMessage Login(string username, string pass)
        {
            LoginMessage a = new LoginMessage();
            if (username == "xgr2004" && pass == "123456")
            {
                 UserAuthenticate.VerifyUser(username, pass);
                a.Text= "true";
            }
            else
            {
                a.Text = "false";
            }
            return a;
        }

        public void SignOut()
        {
            UserAuthenticate.SignOut();
        }

//验证部分，这里拷了我给出连接

public class UserAuthenticate
{

      static public string VerifyUser(string username, string password)
       {

               System.Web.Security.FormsAuthentication.SetAuthCookie(username, true);
               // 创建验证票
               System.Web.Configuration.FormsAuthenticationConfiguration formsConfig = new System.Web.Configuration.FormsAuthenticationConfiguration();
               FormsAuthenticationTicket formAuthTicket = new
                   FormsAuthenticationTicket(
                           1,                              // 版本
                           username,                          // 用户名称
                           DateTime.Now,                   // 创建时间
                           DateTime.Now.AddMinutes(formsConfig.Timeout.TotalMinutes),    // 失效时间
                           true,"");    // 用户数据

               //加密票
               string encryptedTicket = FormsAuthentication.Encrypt(formAuthTicket);
               // 以加密票的密文存入Cookie
               HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

               authCookie.HttpOnly = true;
               authCookie.Path = FormsAuthentication.FormsCookiePath;
               authCookie.Secure = FormsAuthentication.RequireSSL;
               if (FormsAuthentication.CookieDomain != null)
               {
                   authCookie.Domain = FormsAuthentication.CookieDomain;
               }
               if (formAuthTicket.IsPersistent)
               {
                   authCookie.Expires = formAuthTicket.Expiration;
               }

               HttpContext.Current.Response.Cookies.Add(authCookie);
               FormsIdentity identity = new FormsIdentity(formAuthTicket);
               GenericPrincipal principal = new GenericPrincipal(identity, null);
               HttpContext.Current.User = principal;

               return "";
               return null;

       }

      static public bool isAuthenticate()
      {
        return HttpContext.Current.User.Identity.IsAuthenticated;

      }

       static public void SignOut()
       {
        FormsAuthentication.SignOut();
        HttpContext.Current.Session.Clear();

}
}