0
我有一個簡單的Web服務託管在控制檯應用程序內。它的工作原理有一個問題:認證無法正常工作。爲什麼不調用UserNamePasswordValidator.Validate?
我的app.config情況如下:
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="NewBinding0">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Mg">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
<serviceCredentials>
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="TSOWS.UserValidator,TSOWS" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<!--<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />-->
<services >
<service name="TSOWS.TSOWS" behaviorConfiguration="Mg" >
<endpoint address="/MyAddress" binding="wsHttpBinding" contract="TSOWS.ITSOWS" />
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
<host>
<baseAddresses >
<add baseAddress="http://10.120.170.181:8181/TSOWS.svc" />
</baseAddresses>
</host>
</service >
</services>
</system.serviceModel>
,我的驗證是:
public class UserValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
if (null == userName || null == password)
{
throw new ArgumentNullException();
}
if (!(userName == "TSOWSUser" && password == "password"))
{
throw new SecurityTokenException("Unknown Username or Password");
}
}
}
的UserValidator.Validate,不會被調用Web服務是開放的,沒有必要提供任何用戶名或密碼。
任何想法爲什麼會發生這種情況?
我需要服務器證書才能使用身份驗證嗎?