WP7 + WCF + IIS + HTTPS（传输）+ 基本身份验证

Question

我已经阅读了很多关于通过基本身份验证通过 HTTPS 使用 WP7 + WCF (IIS 7) 的问题的帖子，但我仍然遇到问题......

如果我只使用没有 BasicAuth 的 HTTPS 传输，它就像一个魅力。但两者结合对我不起作用......

也许你可以帮我找出我的失败...

我的客户端配置：

<configuration>
<system.serviceModel>
    <bindings>
        <basicHttpBinding>
            <binding name="BasicHttpBinding_IService1" maxBufferSize="2147483647"
                maxReceivedMessageSize="2147483647">
              <security mode="Transport" />
            </binding>
        </basicHttpBinding>
    </bindings>
    <client>
        <endpoint 
            binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IService1"
            contract="ServiceReference1.IService1" name="BasicHttpBinding_IService1" />
    </client>
</system.serviceModel>

我的服务配置：

    <?xml version="1.0"?>
<configuration>
  <appSettings/>
  <system.web>
    <compilation debug="true" targetFramework="4.0"/>
    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WP7.CustomUserNameValidator, WP7" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    <bindings>
      <basicHttpBinding>
        <binding maxReceivedMessageSize="2147483647"> 
          <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
          <security mode="TransportWithMessageCredential" >
            <transport clientCredentialType="Basic"/>
            <message clientCredentialType="UserName"/>
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

我在 Service 中使用的 CustomUserNameValidator：

namespace WP7
{
public class CustomUserNameValidator : UserNamePasswordValidator
    {
        // This method validates users. It allows in two users, 
        // test1 and test2 with passwords 1tset and 2tset respectively.
        // This code is for illustration purposes only and 
        // MUST NOT be used in a production environment because it 
        // is NOT secure.
        public override void Validate(string userName, string password)
        {

            if (null == userName || null == password)
            {
                throw new ArgumentNullException();
            }

            if (!(userName == "test1" && password == "1tset") && !(userName == "test2" && password == "2tset"))
            {
                throw new FaultException("Unknown Username or Incorrect Password");
            }
        }
    }
}

我的 Wp7 应用程序中调用同步方法的代码（解决方案来自：http://cisforcoder.wordpress.com/2010/12/01/how-to-implement-basic-http-authentication-in-wcf-on-windows-phone-7/#comment-174）：

proxy = new ServiceReference1.Service1Client();
            proxy.Endpoint.Address = new System.ServiceModel.EndpointAddress(new Uri(Details.mySettings.EndpointAddress));

            proxy.PingServerCompleted += new EventHandler<ServiceReference1.PingServerCompletedEventArgs>(proxy_PingServerCompleted);

            var credentials = EncodeBasicAuthenticationCredentials("test1", "1tset");

            using (OperationContextScope scope =
                      new OperationContextScope(proxy.InnerChannel))
            {
                HttpRequestMessageProperty request = new HttpRequestMessageProperty();
                request.Headers[System.Net.HttpRequestHeader.Authorization] = "Basic " + credentials;

                OperationContext.Current.OutgoingMessageProperties.Add(
                                                   HttpRequestMessageProperty.Name, request);
                proxy.PingServerAsync(myServer);
            }

private string EncodeBasicAuthenticationCredentials(string username, string password)
        {
            //first concatenate the user name and password, separated with :
            string credentials = username + ":" + password;

            //Http uses ascii character encoding, WP7 doesn’t include
            // support for ascii encoding but it is easy enough to convert
            // since the first 128 characters of unicode are equivalent to ascii.
            // Any characters over 128 can’t be expressed in ascii so are replaced
            // by ?
            var asciiCredentials = (from c in credentials
                                    select c <= 0x7f ? (byte)c : (byte)'?').ToArray();

            //finally Base64 encode the result
            return Convert.ToBase64String(asciiCredentials);
        }

此外，我已经将 IIS 虚拟目录中的“基本身份验证”设置为“启用”。

每次我遇到一些不同的错误异常时： CommunicationException 或 SecurityException 或其他...

有人有什么想法可以解决我的问题吗？

谢谢。 杰森

Answer 1

客户端还需要指定客户端配置中缺少的 clientCredentialType。所以客户端不需要发送凭据，但服务需要它们