在WCF中，對於webHttpBinding，當服務器使用基本身份驗證時，如何在客戶端web.config中指定憑據？

Question

我有兩個WCF RESTful服務 - 「一般」服務是公共的，沒有安全性;我打算通過SSL使用基本身份驗證的「管理」服務。這是我的服務器端的web.config：

<system.serviceModel> 
    <bindings> 
     <webHttpBinding> 
      <binding name="general" maxReceivedMessageSize="2147483647"> 
       <readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647" /> 
       <security mode="None"> 
        <transport clientCredentialType="None" /> 
       </security> 
      </binding> 
      <binding name="admin" maxReceivedMessageSize="2147483647"> 
       <readerQuotas maxArrayLength="2147483647" maxStringContentLength="2147483647" /> 
       <security mode="Transport"> 
        <transport clientCredentialType="Basic" /> 
       </security> 
      </binding> 
     </webHttpBinding> 
    </bindings> 
    <behaviors> 
     <serviceBehaviors> 
      <behavior> 
       <serviceMetadata httpGetEnabled="true"/> 
       <serviceDebug includeExceptionDetailInFaults="false"/> 
      </behavior> 
     </serviceBehaviors> 
     <endpointBehaviors> 
      <behavior name="web"> 
       <webHttp/> 
      </behavior> 
     </endpointBehaviors> 
    </behaviors> 
    <services> 
     <service name="MyNamespace.AppServices.GeneralService"> 
      <endpoint address="" binding="webHttpBinding" contract="MyNamespace.Contracts.IGeneralService" behaviorConfiguration="web" bindingConfiguration="general" /> 
     </service> 
     <service name="MyNamespace.AppServices.AdminService"> 
      <endpoint address="" binding="webHttpBinding" contract="MyNamespace.Contracts.IAdminService" behaviorConfiguration="web" bindingConfiguration="admin" /> 
     </service> 
    </services> 
</system.serviceModel> 

在客戶端，我現在有代碼看起來像這樣：

private static IGeneralService GetGeneralChannel() 
{ 
    WebHttpBinding binding = new WebHttpBinding(); 
    binding.Security.Mode = WebHttpSecurityMode.None; 
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None; 
    binding.MaxReceivedMessageSize = Int32.MaxValue; 
    binding.ReaderQuotas.MaxStringContentLength = Int32.MaxValue; 
    binding.ReaderQuotas.MaxArrayLength = Int32.MaxValue; 

    WebChannelFactory<IGeneralService> cf = new WebChannelFactory<IGeneralService>(binding, new Uri("http://localhost:1066/GeneralService")); 
    IGeneralService channel = cf.CreateChannel(); 
    return channel; 
} 

private static IAdminService GetAdminChannel() 
{ 
    WebHttpBinding binding = new WebHttpBinding(); 
    binding.Security.Mode = WebHttpSecurityMode.Transport; 
    binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic; 
    binding.MaxReceivedMessageSize = Int32.MaxValue; 
    binding.ReaderQuotas.MaxStringContentLength = Int32.MaxValue; 
    binding.ReaderQuotas.MaxArrayLength = Int32.MaxValue; 

    WebChannelFactory<IAdminService> cf = new WebChannelFactory<IAdminService>(binding, new Uri("http://localhost:1066/AdminService")); 
    cf.Credentials.UserName.UserName = "myUserName"; 
    cf.Credentials.UserName.Password = "myPassword"; 

    IAdminService channel = cf.CreateChannel(); 
    return channel; 
} 

的問題是，因爲我顯然不想硬編碼所有這些配置信息，我如何需要在客戶端的web.config中提供它？我很清楚綁定元素在客戶端上的樣子與在服務器上的樣子相同。但是，我在哪裏指定分配給WebChannelFactory的憑證？

任何幫助和/或見解將不勝感激。

謝謝你，史蒂夫

Answer 1

你不能把這些憑據（用戶名和密碼）到web.config中，並已WCF從那裏閱讀。這是WCF中極少數無法在config中完成的功能之一 - 您必須在代碼中設置這些憑據。

當然，在你的代碼中，你可以從例如一個數據庫表或某個配置項 - 但你必須自己做。無法將WCF配置爲自動從某處讀取這些設置。