1、使用asp.net成员资格提供程序
指定安全访问并设定访问权限
using System.Security.Permissions;
using System.Security.Principal;
using System.ServiceModel;
using System.ServiceModel.Activation;
using System.Web.Security;
[PrincipalPermission(SecurityAction.Demand, Role = "Users")]
数据库连接字符串
<connectionStrings> <add name="SqlConn" connectionString="Data Source=localhost;User ID=sa;Password=sasa123;Initial Catalog=aspnetdb;"/> </connectionStrings>
成员资格节点
<membership defaultProvider="SqlMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear /> <add name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SqlConn" applicationName="MembershipAndRoleProviderSample" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" /> </providers> </membership>
权限管理节点
<roleManager enabled ="true" defaultProvider ="SqlRoleProvider" > <providers> <add name ="SqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="SqlConn" applicationName="MembershipAndRoleProviderSample"/> </providers> </roleManager>
服务行为节点
<behaviors> <serviceBehaviors> <behavior name="CalculatorServiceBehavior"> <serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName ="SqlRoleProvider" /> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode ="MembershipProvider" membershipProviderName ="SqlMembershipProvider"/> <serviceCertificate storeLocation ="LocalMachine" storeName ="My" x509FindType ="FindBySubjectName" findValue ="localhost" /> </serviceCredentials> <serviceDebug includeExceptionDetailInFaults="false" /> <serviceMetadata httpGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors>
2、使用自定义用户名和密码验证程序
3、消息安全证书