gpt4 book ai didi

windows - 如何实现WebServiceHost认证?

转载 作者:可可西里 更新时间:2023-11-01 11:56:14 27 4
gpt4 key购买 nike

我知道 webservicehost 类上的身份验证不完全符合身份验证标准(返回 403 forbidden 而不是在用户输入不正确的凭据时提示输入另一组凭据)。

我仍然希望实现这种基本身份验证(在 session 开始时使用用户名和密码,不需要 HTTPS - 见下图),因为它适合我对小型家庭项目的需求。

The type of authentication I want

myService 的代码如下:

Imports System.IO
Imports System.Text
Imports System.ServiceModel
Imports System.ServiceModel.Web
Imports System.ServiceModel.Channels

<ServiceContract()>
Public Class myService
<OperationContract(), WebGet(UriTemplate:="/xml/{argument1}/{argument2}")>
Public Function XML(argument1 As String, argument2 As String) As Stream
requestCounter += 1
Console.WriteLine("xml data request at " & DateTime.Now.ToString() & ", request count= " & requestCounter)
Console.WriteLine(WebOperationContext.Current.IncomingRequest.UserAgent.ToString())
Return _ReturnXML("<xmlresponse><data><argument1>" & argument1 & "</argument1><argument2>" & argument2 & "</argument2></data><server><serverlivesince>" & serverStart.ToString() & "</serverlivesince><pageservetime>" & DateTime.Now.ToString() & "</pageservetime><requestcount>" & requestCounter & "</requestcount></server></xmlresponse>")
'returns the first two parameters, and the time and date
End Function

Private Shared Function _ReturnXML(_result As String) As Stream
Dim data = Encoding.UTF8.GetBytes(_result)

WebOperationContext.Current.OutgoingResponse.ContentType = "text/xml; charset=utf-8"
WebOperationContext.Current.OutgoingResponse.ContentLength = data.Length

Return New MemoryStream(data)
End Function
End Class

然后我有类似的代码来返回 HTML 以及接受其他参数组合。

在我的主类中,我将此服务实例化并打开为:

Dim varWebService = New WebServiceHost(GetType(MyWebService), New Uri("http://0.0.0.0/"))
varWebService.Open()

谁能给我提供代码来实现这个简单的身份验证?或者给我一个详尽的教程?感谢您的帮助

最佳答案

您可以通过继承并更改一些默认参数来编写自定义 WebServiceHost,如下所示。

您的代码中唯一的变化是

Dim varWebService = New AuthenticatedWebServiceHost(GetType(MyWebService), New Uri("http://0.0.0.0/"))

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.IdentityModel;
using System.IdentityModel.Selectors;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.ServiceModel.Security;
using System.ServiceModel.Description;

namespace StackOverflow
{
public class AuthenticatedWebServiceHost : WebServiceHost
{
public AuthenticatedWebServiceHost(Type type, Uri url)
{
IDictionary<string, ContractDescription> desc = null;
base.InitializeDescription(type, new UriSchemeKeyedCollection());
base.CreateDescription(out desc);
var val = desc.Values.First();

WebHttpBinding binding = new WebHttpBinding();
binding.Security.Mode = WebHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;

base.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
base.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new CustomUserNamePasswordValidator();

base.AddServiceEndpoint(val.ContractType, binding, url);
}

//Possible next question:
//"How can I get the name of the authenticated user?"
public static string UserName
{
get
{
if (OperationContext.Current == null) return null;
if (OperationContext.Current.ServiceSecurityContext == null) return null;
if (OperationContext.Current.ServiceSecurityContext.PrimaryIdentity == null) return null;
return OperationContext.Current.ServiceSecurityContext.PrimaryIdentity.Name;
}
}



public class CustomUserNamePasswordValidator : UserNamePasswordValidator
{
public override void Validate(string userName, string password)
{
//Your logic to validate username/password
if (userName != password)
throw new SecurityAccessDeniedException();
}
}
}
}

关于windows - 如何实现WebServiceHost认证?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/15915545/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com