WCF Net.Tcp 绑定和 customUserNamePasswordValidatorType

Question

我有一个带有 Net.Tcp 绑定的 WCF 服务，我的服务器配置是

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true"/>
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
                customUserNamePasswordValidatorType="Service.PlainUserNameValidator, Service" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <services>
      <service name="Service.TestService">
        <endpoint address="" binding="netTcpBinding" contract="Service.ITestService">
          <identity>
            <dns value="localhost" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="net.tcp://localhost:8732/Service/TestService/" />
            <add baseAddress="http://localhost:8001/service/TestServiceMex/" />
          </baseAddresses>
        </host>
      </service>
    </services>
  </system.serviceModel>
</configuration>

在配置中我打开了customUserNamePasswordValidatorType。启动主机的代码是

class Program
{
    static void Main(string[] args)
    {
        using (ServiceHost host = new ServiceHost(typeof(TestService)))
        {
            host.Open();
            Console.WriteLine("The service is ready.");
            Console.WriteLine(String.Format("Metadata is at {0}?WSDL", host.Description.Endpoints[0].Address));
            Console.WriteLine();
            Console.WriteLine("Press <ENTER> to terminate service.");
            Console.WriteLine();
            Console.ReadLine();
        }
    }
}

我在配置文件中注册的自定义用户名验证器类是

namespace Service
{
    using System;
    using System.IdentityModel.Selectors;

    public class PlainUserNameValidator : UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            Console.WriteLine("Requesting username {0} and password {1}.", userName, password);
        }
    }
}

但是，当客户端调用时，验证器似乎永远不会触发。

为Net.Tcp 绑定启用customUserNamePasswordValidatorType 需要注意什么特殊技巧？

Answer 1

两点：

您尚未包含证书，您应该这样做以确保客户端凭据的完整性，如有必要，请设置一个临时证书并将其添加到您的服务凭据中。

<serviceCertificate 
          findValue="localhost" 
            x509FindType="FindBySubjectName" 
            storeLocation="CurrentUser" 
            storeName="My" />

您还没有指定任何安全性 - 为此，客户端和服务端点都需要在其绑定上启用用户名和密码身份验证模式

<netTcpBinding>
  <binding name="tcpWithMessageSecurity">
    <security mode="Message" >
      <message clientCredentialType="UserName"/>
    </security>
  </binding> 
</netTcpBinding>

然后

<endpoint address="" binding="tcpWithMessageSecurity" contract="Service.ITestService">

然后，命名您的行为并将其添加到上述行中。