WCF: REST + Basic authentication + IIS
2024-09-04 00:10:36
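A recent project of mine used a RESTful WCF service, but it needed an authentication mechanism. Everything I found searching online was too complicated. After getting past the firewall I found a good article, which I am sharing here.
Original article: http://vgolovchenko.wordpress.com/2012/05/20/wcf-soaprest-ssl-basic-authentification-iis/
How do you implement REST + Basic auth?
1. Create a WCF library and host it in IIS
Reference: http://www.cnblogs.com/yongqiangyue/p/4050258.html
Reference: http://www.cnblogs.com/wlflovenet/archive/2011/10/28/WCFREST.html
2. Use the BasicAuthenticationManager class to parse the Basic auth HTTP header and validate it
The code is as follows: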
using System;
using System.Net;
using System.ServiceModel;
using System.ServiceModel.Channels;

public class BasicAuthenticationManager : ServiceAuthorizationManager
{
    private const string BasicScheme = "Basic ";

    protected override bool CheckAccessCore(OperationContext operationContext)
    {
        try
        {
            var msg = operationContext.RequestContext.RequestMessage;

            // If the user requests the standard help page, skip the authentication check.
            if (msg.Properties.ContainsKey("HttpOperationName") && msg.Properties["HttpOperationName"].ToString() == "HelpPageInvoke")
            {
                return base.CheckAccessCore(operationContext);
            }

            var httpRequestHeaders = ((HttpRequestMessageProperty) msg.Properties[HttpRequestMessageProperty.Name]).Headers;

            // Is an Authorization header with the Basic scheme present in the HTTP headers?
            var authorizationHeader = httpRequestHeaders[HttpRequestHeader.Authorization];
            if (string.IsNullOrEmpty(authorizationHeader) || !authorizationHeader.StartsWith(BasicScheme, StringComparison.OrdinalIgnoreCase))
            {
                return false;
            }

            // Parse the standard Basic auth header: "Basic " + Base64("login:password").
            var basicAuthenticationFormatString = Base64EncodeHelper.DecodeUtf8From64(authorizationHeader.Substring(BasicScheme.Length).Trim());
            var basicAuthenticationParams = basicAuthenticationFormatString.Split(new[] {':'}, 2);
            if (basicAuthenticationParams.Length != 2)
            {
                // No ':' separator, so there is no password part: reject.
                return false;
            }
            var login = basicAuthenticationParams[0];
            var password = basicAuthenticationParams[1];

            // Check credentials.
            // Custom validation: CAuthorizationAPI is a self-written wrapper class that validates the user name and password.
            if (!CAuthorizationAPI.Validate(login, password))
            {
                return false;
            }
        }
        catch (Exception)
        {
            // Malformed header (for example invalid Base64): deny access.
            return false;
        }

        return base.CheckAccessCore(operationContext);
    }
}

The corresponding configuration file changes (in the behaviors section):

<system.serviceModel>
  <serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
  <behaviors>
    <!--<endpointBehaviors>
      <behavior name="">
        <webHttp helpEnabled="true" faultExceptionEnabled="true" />
      </behavior>
    </endpointBehaviors>-->
    <serviceBehaviors>
      <behavior>
        <!-- To avoid disclosing metadata information,
             set the value below to false and remove the metadata endpoint above before deployment -->
        <serviceMetadata httpGetEnabled="True" />
        <!-- To receive exception details in faults for debugging purposes,
             set the value below to true. Set it to false before deployment
             to avoid disclosing exception information -->
        <serviceDebug includeExceptionDetailInFaults="true" />
        <serviceAuthorization serviceAuthorizationManagerType="DMService.Infrastructure.BasicAuthenticationManager, DMService" />
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>

3. Write a test program that adds the Basic auth HTTP header

using System;
using System.IO;
using System.Net;

internal class Program
{
    private static void Main(string[] args)
    {
        try
        {
            var request = WebRequest.Create(string.Format("http://localhost:21568/api/test/yueyq/{0}", Uri.EscapeDataString("rest-client (ssl-basic auth)")));

            // ! Remove this line in production code. It emulates working with a trusted certificate.
            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

            // The straightforward passing of credential parameters for the demo.
            const string login = "user";
            const string password = "password";

            // Standard Basic auth header: "Basic " + Base64("login:password").
            // The credentials are only Base64-encoded, so outside local testing call the service over https://.
            request.Headers.Add(
                HttpRequestHeader.Authorization,
                "Basic " + Base64EncodeHelper.EncodeUtf8To64(string.Format("{0}:{1}", login, password)));

            using (var reader = new StreamReader(request.GetResponse().GetResponseStream()))
            {
                Console.WriteLine(reader.ReadToEnd());
            }
        }
        catch (Exception e)
        {
            Console.WriteLine(e.ToString());
        }

        Console.WriteLine("\n press Enter to exit..");
        Console.ReadLine();
    }
}

4. Implementation of the Base64EncodeHelper class

using System;
using System.Text;

public static class Base64EncodeHelper
{
    /// <summary>
    /// Creates a Base64-encoded string from a normal string.
    /// </summary>
    /// <param name="toEncode">The string containing the characters to encode.</param>
    /// <returns>The Base64-encoded string.</returns>
    public static string EncodeUtf8To64(string toEncode)
    {
        var toEncodeAsBytes = Encoding.UTF8.GetBytes(toEncode);
        var returnValue = Convert.ToBase64String(toEncodeAsBytes);
        return returnValue;
    }

    /// <summary>
    /// Decodes a Base64 string.
    /// </summary>
    /// <param name="encodedData">The string containing the characters to decode.</param>
    /// <returns>A string containing the result of decoding the specified sequence of bytes.</returns>
    public static string DecodeUtf8From64(string encodedData)
    {
        var encodedDataAsBytes = Convert.FromBase64String(encodedData);
        var returnValue = Encoding.UTF8.GetString(encodedDataAsBytes);
        return returnValue;
    }
}
For more details on WCF security, see: http://wcfsecurityguide.codeplex.com/