我覺得我很接近,但我是WCF的新手,並不能找出爲什麼這不起作用。我嘗試過搜索,但是我找不到使用aspnet成員身份但不使用消息級安全性的示例。我試圖通過https從Android進行身份驗證到WCF服務。它工作得很好,直到我將clientCredentialType從'None'更改爲'Basic'。我必須通過用戶名和密碼進行身份驗證。當我嘗試通過運行slsvcutil.exe對https://myPublicWebsite/ABCService/ABC.svc
來更新我的代理它提供了以下錯誤:WCF身份驗證 - TransportCredentialOnly ASPNET成員
The authentication schemes configured on the host ('IntegratedWindowsAuthentication, Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Basic'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.
這是我服務的web.config文件。感謝你給與我的幫助。
<system.web>
<compilation debug="false" strict="false" explicit="true" targetFramework="4.0" />
<customErrors mode="Off" />
<membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15">
<providers>
<remove name="AspNetSqlMembershipProvider" />
<clear />
<add
name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider"
connectionStringName="LocalSqlServer"
applicationName="ABC"
enablePasswordRetrieval="false"
enablePasswordReset="false"
requiresQuestionAndAnswer="false"
minRequiredPasswordLength="8"
requiresUniqueEmail="true"
passwordFormat="Hashed" />
</providers>
</membership>
</system.web>
<system.serviceModel>
<services>
<service name="ABCService.ABC" behaviorConfiguration="metadataBehavior">
<endpoint
address=""
binding="basicHttpBinding"
bindingConfiguration="ABCBinding"
contract="ABCService.IService1"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="metadataBehavior">
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
<serviceCredentials>
<userNameAuthentication
userNamePasswordValidationMode="MembershipProvider"
membershipProviderName="AspNetSqlMembershipProvider" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="ABCBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https"/>
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<directoryBrowse enabled="false"/>
</system.webServer>
此外,我要在服務代碼中運行驗證檢查?我有這樣的:
Public Class MyCustomUserNameValidator
Inherits IdentityModel.Selectors.UserNamePasswordValidator
' This method validates users. It allows two users, test1 and test2
' with passwords 1tset and 2tset respectively.
' This code is for illustration purposes only and
' MUST NOT be used in a production environment because it is NOT secure.
Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
If Nothing = userName OrElse Nothing = password Then
Throw New ArgumentNullException()
End If
If Not (userName = "test1" AndAlso password = "1tset") AndAlso Not (userName = "test2" AndAlso password = "2tset") Then
Throw New IdentityModel.Tokens.SecurityTokenException("Unknown Username or Password")
End If
End Sub
End Class
但我實在不明白它是如何工作的,因爲我從來沒有稱呼它,我寧願使用默認一個比一個自定義的。我確信這很簡單,但我可以通過搜索找到的所有示例都是用於'自定義'驗證器。這會自動調用嗎?或者我甚至需要它,如果我只是想默認?
你是正確的。但是,我使用Xamarin,但他們不支持使用郵件安全性。是否可以在不使用Active Directory的情況下使用傳輸和基本安全性?我可以用其他方式使用會員供應商嗎? – user2197610
也許吧。你可以試試這個http://custombasicauth.codeplex.com/ – LostInComputer
我想要遵循http://leastprivilege.com/2007/10/31/finally-usernames-over-transport-authentication-in-wcf/,但我得到同樣的錯誤。而奇怪的部分是我已經將IIS設置更改爲authentication =「None」,並且當我瀏覽到該網站時,仍然會提示您輸入Windows憑據。任何想法?非常感謝! – user2197610