WCF 身份驗證
功能描述:
服務運行的時候,通過配置文件獲取所有可訪問SOA端的服務IP。每次客戶調用服務時獲取IP對比判定通過。
以下是獲取客戶端IP的代碼:
/************************************************************************************* * 代碼:吳蔣 * 時間:2012.02.07 * 說明:安全類 * 其他: * 修改人: * 修改時間: * 修改說明: ************************************************************************************/ using System.ServiceModel; using System.ServiceModel.Channels; namespace Tools { public class Safe { public static Safe Instance() { return new Safe(); } public string ClientIp() { OperationContext context = OperationContext.Current; MessageProperties properties = context.IncomingMessageProperties; RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty; return endpoint.Address; } public string ClientPort() { OperationContext context = OperationContext.Current; MessageProperties properties = context.IncomingMessageProperties; RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty; return endpoint.Port.ToString(); } public string ClientIpAndPort() { OperationContext context = OperationContext.Current; MessageProperties properties = context.IncomingMessageProperties; RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty; return endpoint.Address + ";" + endpoint.Port.ToString(); } } }
XML 存放可訪問IP
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<ip>192.168.0.71</ip>
<ip>192.168.0.6</ip>
<ip>127.0.0.1</ip>
<ip>192.168.0.72</ip>
<ip>192.168.0.136</ip>
<ip>192.168.0.3</ip>
</configuration>
頁面加載時獲取所有可訪問IP
public static DataTable dtRunIp;
public static string MapPath = ConfigurationManager.ConnectionStrings["configPath"].ConnectionString;
protected void Application_Start(object sender, EventArgs e)
{
dtRunIp = XMLHelper.XmlHelper.Instance().ReadRunIP(MapPath + "/Config/RunConfig.config", "//configuration/ip");
}
#region 特殊函數
/// <summary>
/// 匹配允許訪問IP
/// </summary>
/// <param name="path">文件路徑</param>
/// <param name="node">節點名稱</param>
/// <returns>轉換爲DataTable</returns>
public DataTable ReadRunIP(string path, string node)
{
XmlDocument doc = new XmlDocument();
doc.Load(path);
DataTable dt = new DataTable();
dt.Columns.Add("ip", typeof(string));
XmlNodeList xnlist = doc.SelectNodes(node);
if (xnlist.Count > 0)
{
for (int i = 0; i < xnlist.Count; i++)
{
DataRow dr = dt.NewRow();
dr["ip"] = xnlist[i].InnerText;
dt.Rows.Add(dr);
}
}
return dt;
}
#endregion
判斷IP許可
public static bool IsCanRead()
{
string clientIp = Tools.Safe.Instance().ClientIp();
bool r = false;
if (Global.dtRunIp.Rows.Count > 0)
{
for (int i = 0; i < Global.dtRunIp.Rows.Count; i++)
{
if (clientIp == Global.dtRunIp.Rows[i]["ip"].ToString())
{
r = true;
}
}
}
return r;
}
在服務中的應用:
[ServiceContract]
public class SOAControl
{
string msgr = "無訪問權限、服務器積極拒絕";
//獲取xml文檔
[OperationContract]
public string GetXML(ref string msg)
{
if (Certificate.IsCanRead())
{
return XmlHelper.Instance().XmlDocumentToString(Global.MapPath + "/Control/Control.config".ToString());
}
else
{
msg = msgr;
return null;
}
}
WCF的配置文件設置
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<bindings>
<wsHttpBinding>
<binding name="NoneSecurity"
maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" useDefaultWebProxy="false">
<readerQuotas maxStringContentLength="12000000" maxArrayLength="12000000"/>
<security mode="None"/>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="Control.Service.SOAControlBehavior">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="Control.Service.SOAControlBehavior" name="Control.Service.SOAControl">
<endpoint address="" binding="wsHttpBinding" contract="Control.Service.SOAControl" bindingConfiguration="NoneSecurity">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
</system.serviceModel>
</configuration>
注意事項,在客戶端訪問的時候是IP6的,可以直接將IP保存到XML文件中,或禁用IP6
源碼下載 http://download.csdn.net/detail/wujiang1984/4131313 點擊打開鏈接