问题
I have a WCF (v3.5 with webHttpBinding) service hosted in IIS 6. I would like to implement custom authentication before someone can access the service i.e. user details are stored in db.
But as I read on various posts and forums, for WCF services hosted in IIS only windows authentication is possible. There is no out-of-the-box way to deal with this.
Can someone suggest some work around? I believe this is a very common problem that many people must have come across before.
回答1:
I could implement custom authentication with the help of following links -
http://www.codeproject.com/KB/WCF/BasicAuthWCFRest.aspx (Solution uses WCF REST starter kit)
http://www.codeproject.com/KB/WCF/AutomaticCultureFlow.aspx (Pointers without the starter kit)
I could do it without the starter kit by using Message Inspector on server side. I implemented the AfterReceiveRequest and BeforeSendReply methods to perform the authentication. I had to add the custom behavior to webHttpBinding since I am creating a RESTful service.
来源:https://stackoverflow.com/questions/5143221/custom-authentication-for-iis-hosted-wcf-services