IIS托管的WCF服务的自定义身份验证?
我在IIS 6中托管了WCF(带有webHttpBinding的v3.5)服务.我希望在有人可以访问该服务之前(即用户详细信息存储在db中)实施自定义身份验证.
I have a WCF (v3.5 with webHttpBinding) service hosted in IIS 6. I would like to implement custom authentication before someone can access the service i.e. user details are stored in db.
但是,正如我在各种帖子和论坛上所读到的那样,对于IIS中托管的WCF服务,仅Windows身份验证是可行的.没有现成的方法可以解决这个问题.
But as I read on various posts and forums, for WCF services hosted in IIS only windows authentication is possible. There is no out-of-the-box way to deal with this.
有人可以建议一些解决方法吗?我相信这是很多人之前必须遇到的一个非常普遍的问题.
Can someone suggest some work around? I believe this is a very common problem that many people must have come across before.
我可以在以下链接的帮助下实现自定义身份验证-
I could implement custom authentication with the help of following links -
http://www.codeproject.com/KB/WCF/BasicAuthWCFRest.aspx (解决方案使用WCF REST入门套件)
http://www.codeproject.com/KB/WCF/BasicAuthWCFRest.aspx (Solution uses WCF REST starter kit)
http://www.codeproject.com/KB/WCF/AutomaticCultureFlow.aspx (没有入门工具包的指针)
http://www.codeproject.com/KB/WCF/AutomaticCultureFlow.aspx (Pointers without the starter kit)
我可以在不使用入门工具包的情况下通过使用服务器端的Message Inspector来做到这一点.我实现了AfterReceiveRequest和BeforeSendReply方法来执行身份验证.自创建RESTful服务以来,我不得不将自定义行为添加到webHttpBinding中.
I could do it without the starter kit by using Message Inspector on server side. I implemented the AfterReceiveRequest and BeforeSendReply methods to perform the authentication. I had to add the custom behavior to webHttpBinding since I am creating a RESTful service.