【WCF安全】SOAP消息实现用户名验证：通过OperationContext直接添加/访问MessageHeader信息

 

服务代码

1.契约

using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;

namespace 消息拦截实现用户名验证
{
    [ServiceContract(Namespace="http://localhost/")]
    public interface IService1
    {
        [OperationContract]
        string GetData(int value);

    }
}

 

2.服务实现

using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;

namespace 消息拦截实现用户名验证
{
    public class Service1 : IService1
    {
        public string GetData(int value)
        {
            string msg = OperationContext.Current.RequestContext.RequestMessage.ToString();
            // 注意namespace必须和ServiceContract中定义的namespace保持一致，默认是：http://tempuri.org  
            var ns = "http://localhost/";
            var user = GetHeaderValue("user", ns);
            var pwd = GetHeaderValue("pwd", ns);
            // 验证失败
            if (user != "Guest01" || pwd != "123")
                return msg += "/r/n用户名密码错误";
            return msg += "/r/n" + string.Format("You entered: {0}", value);
        }
        private string GetHeaderValue(string name, string ns = "http://tempuri.org")
        {
            var headers = OperationContext.Current.IncomingMessageHeaders;
            var index = headers.FindHeader(name, ns);
            if (index > -1)
                return headers.GetHeader<string>(index);
            else
                return null;
        }
    }
}

3.服务配置(Demo中采用的是默认配置)

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- 为避免泄漏元数据信息，请在部署前将以下值设置为 false 并删除上面的元数据终结点 -->
          <serviceMetadata httpGetEnabled="true"/>
          <!-- 要接收故障异常详细信息以进行调试，请将以下值设置为 true。在部署前设置为 false 以避免泄漏异常信息 -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
  </system.serviceModel>
 <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
  </system.webServer>
</configuration>

 

客户端

1.客户端代码

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.ServiceModel.Channels;
using System.ServiceModel;

namespace 客户端
{
    class Program
    {
        static void Main(string[] args)
        {
            try
            {
                SR01.Service1Client sc = new SR01.Service1Client();
                using (var scope = new OperationContextScope(sc.InnerChannel))
                {
                    // 注意namespace必须和ServiceContract中定义的namespace保持一致，默认是：http://tempuri.org  
                    var myNamespace = "http://localhost/";
                    // 注意Header的名字中不能出现空格，因为要作为Xml节点名。  
                    var user = MessageHeader.CreateHeader("user", myNamespace, "Guest01");
                    var pwd = MessageHeader.CreateHeader("pwd", myNamespace, "123");
                    OperationContext.Current.OutgoingMessageHeaders.Add(user);
                    OperationContext.Current.OutgoingMessageHeaders.Add(pwd);
                    string res = sc.GetData(1);
                    Console.WriteLine(res);
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
            }
            Console.ReadLine();
        }
    }
}

 

2.客户端配置

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="BasicHttpBinding_IService1" closeTimeout="00:01:00"
                    openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
                    allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
                    maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
                    messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
                    useDefaultWebProxy="true">
                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                    <security mode="None">
                        <transport clientCredentialType="None" proxyCredentialType="None"
                            realm="" />
                        <message clientCredentialType="UserName" algorithmSuite="Default" />
                    </security>
                </binding>
            </basicHttpBinding>
        </bindings>
        <client>
            <endpoint address="http://localhost:7105/Service1.svc" binding="basicHttpBinding"
                bindingConfiguration="BasicHttpBinding_IService1" contract="SR01.IService1"
                name="BasicHttpBinding_IService1" />
        </client>
    </system.serviceModel>
</configuration>

 

返回结果：

红框部分为正常返回值；其它部分为SOAP XML内容