WCF加密传输数据,b并且用户名+密码验证

在前2个文章的基础上,继续增加对client 端增加username+password的验证

 

 

  1. host增加类Validator,需要添加引用

using System.IdentityModel.Selectors;

class Validator : UserNamePasswordValidator

    {

        public override void Validate(string userName, string password)

        {

            if (userName != "admin" || password != "123456")

            {

                throw new System.IdentityModel.Tokens.SecurityTokenException("Unknown Username or Password");

            }

        }

}

  1. host中修改binding

BindingsàwsHttpBindingàbinding下增加

<security mode="Message">

            <message clientCredentialType="UserName" />

          </security>

  1. host修改Behavior

BehaviorsàserviceBehaviorsà对应的behavioràserviceCredentials下增加

  <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WCFHost.Validator,WCFHost"/>

 

WCFHost.CalcValidator:验证器的类

WCFHost:验证器的命名空间,dll名字?

  1. Client修改binding

 

<wsHttpBinding>

                <binding name="WSHttpBinding_ICalculator">

                    <security mode="Message">

                        <message clientCredentialType="UserName" />

                    </security>

                </binding>

            </wsHttpBinding>

  1. 客户端代码

client.ClientCredentials.UserName.UserName = "admin";

client.ClientCredentials.UserName.Password = "123456";

或者

   ChannelFactory<ICalculator> factory = new ChannelFactory<ICalculator>("xxxx");

 factory.Credentials.UserName.UserName="admin1";
 factory.Credentials.UserName.Password = "123456";

  1. 测试

尝试修改UserName,password,调用不成功

 

注意:

  1. 要用username这种方式验证,好像必须使用证书来加密username和password
  2. 用nettcpbinding同样可以证书+username,password来实现,不想试了,
  3.  var name = OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name;服务端可以查看登录人信息

 

 

源码下载:https://download.csdn.net/download/hanghangz/11042084

posted @ 2019-03-20 16:12  瘦馬  阅读(365)  评论(0编辑  收藏  举报