Question

我对WCF和设置服务有点新意，有2个问题。我的第一个问题我有一个服务，将通过Web服务器上的https访问。但是在本地IIS7本地，它将通过http访问，因为https不可用。如何设置要由两者访问的服务？

我的第二个问题是如何设置一个需要访问用户名和密码的服务。我所拥有的服务我不希望访问其中的方法，除非调用应用程序有权这样做？

以下是我的web.config文件的相关区域的示例。

<system.serviceModel>
    <bindings>
        <webHttpBinding>
            <!-- standard AJAX binding that supports SSL -->
            <binding name="TransportSecurity">
                <security mode="Transport" />
            </binding>
            <!-- standard AJAX binding for HTTP only -->
            <binding name="NoSecurity">
                <security mode="None" />
            </binding>
        </webHttpBinding>
    </bindings>
    <behaviors>
        <endpointBehaviors>
            <behavior name="EndPointBehavior">
                <enableWebScript />
            </behavior>
        </endpointBehaviors>
        <serviceBehaviors>
            <behavior name="ServiceBehavior">
                <serviceDebug httpHelpPageEnabled="false" httpsHelpPageEnabled="false" includeExceptionDetailInFaults="true" />
                <serviceMetadata httpGetEnabled="true" />
            </behavior>
        </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    <services>
        <service behaviorConfiguration="ServiceBehavior" name="ServiceName">
            <endpoint address="" 
                      behaviorConfiguration="EndPointBehavior"
                      binding="webHttpBinding" 
                      bindingConfiguration="NoSecurity"
                      contract="App.Service.ServiceName" />
        </service>
    </services>
    <diagnostics>
        <messageLogging logMessagesAtTransportLevel="true" logMessagesAtServiceLevel="false" logMalformedMessages="true" logEntireMessage="false" maxSizeOfMessageToLog="65535000" maxMessagesToLog="500" />
    </diagnostics>
</system.serviceModel>

在此配置中，服务仅针对http设置，而不是应用于用户名/密码。

Answer 1

您可以将用户名密码配置添加到绑定中：

            <security mode="Transport">
                <transport clientCredentialType="Basic" />
            </security>

和

            <security mode="TransportCredentialOnly"> <!-- This means http + credential -->
                <transport clientCredentialType="Basic" />
            </security>

至于授权，有很多选择。最简单的方法是应用自定义用户名密码验证器（artibtrary示例取自http://blogs.msdn.com/b/pedram/archive/2007/10/05/wcf-authentication-custom-username-and-password-validator.aspx）：

<serviceBehaviors>
  <behavior name="CustomValidator">
    <serviceCredentials>

      <userNameAuthentication
        userNamePasswordValidationMode="Custom"
        customUserNamePasswordValidatorType=
  </behavior>
</serviceBehaviors>

在更复杂的层面上，请阅读ServiceAuthorizationManager：

http://msdn.microsoft.com/en-us/library/system.servicemodel.serviceauthorizationmanager.aspx

为http和https设置wcf服务，并为其访问添加用户名/密码

1 个答案: