WCF 身份驗證 經過檢查客戶端IP

WCF 身份驗證

功能描述:

服務運行的時候，經過配置文件獲取全部可訪問SOA端的服務IP。每次客戶調用服務時獲取IP對比斷定經過。

如下是獲取客戶端IP的代碼:

 /*************************************************************************************
 * 代碼:吳蔣
 * 時間:2012.02.07
 * 說明:安全類
 * 其餘:
 * 修改人：
 * 修改時間：
 * 修改說明：
 ************************************************************************************/
using System.ServiceModel;
using System.ServiceModel.Channels;

namespace Tools
{
    public class Safe
    {
        public static Safe Instance()
        {
            return new Safe();
        }

        public string ClientIp()
        {             
            OperationContext context = OperationContext.Current;
            MessageProperties properties = context.IncomingMessageProperties;
            RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
            return endpoint.Address;
        }

        public string ClientPort()
        { 
            OperationContext context = OperationContext.Current;
            MessageProperties properties = context.IncomingMessageProperties;
            RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
            return endpoint.Port.ToString();
        }

        public string ClientIpAndPort()
        {
            OperationContext context = OperationContext.Current;
            MessageProperties properties = context.IncomingMessageProperties;
            RemoteEndpointMessageProperty endpoint = properties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty;
            return endpoint.Address + ";" + endpoint.Port.ToString();
        }
    }
}

 

XML 存放可訪問IP

1 <?xml version="1.0" encoding="utf-8" ?>
2 <configuration>
3 <ip>192.168.0.71</ip>
4 <ip>192.168.0.6</ip>
5 <ip>127.0.0.1</ip>
6 <ip>192.168.0.72</ip>
7 <ip>192.168.0.136</ip>
8 <ip>192.168.0.3</ip>
9 </configuration>

#region 特殊函數
      /// <summary>
 /// 匹配容許訪問IP
 /// </summary>
 /// <param name="path">文件路徑</param>
 /// <param name="node">節點名稱</param>
 /// <returns>轉換爲DataTable</returns>
 public DataTable ReadRunIP(string path, string node)
 {
 XmlDocument doc = new XmlDocument();
 doc.Load(path);
 DataTable dt = new DataTable();
 dt.Columns.Add("ip", typeof(string));
 XmlNodeList xnlist = doc.SelectNodes(node);
 if (xnlist.Count > 0)
 {
 for (int i = 0; i < xnlist.Count; i++)
 {
 DataRow dr = dt.NewRow();
 dr["ip"] = xnlist[i].InnerText;
 dt.Rows.Add(dr);
 }
 }
 return dt;
 }
 #endregion

頁面加載時獲取全部可訪問IP

1 public static DataTable dtRunIp;
2 public static string MapPath = ConfigurationManager.ConnectionStrings["configPath"].ConnectionString; 
3 
4 protected void Application_Start(object sender, EventArgs e)
5 {
6 dtRunIp = XMLHelper.XmlHelper.Instance().ReadRunIP(MapPath + "/Config/RunConfig.config", "//configuration/ip");
7 }

 

 

 

判斷IP許可

 

 

在服務中的應用：

 1 [ServiceContract]
 2 public class SOAControl
 3 {
 4 string msgr = "無訪問權限、服務器積極拒絕";
 5 //獲取xml文檔
 6 [OperationContract]
 7 public string GetXML(ref string msg)
 8 {
 9 
10 if (Certificate.IsCanRead())
11 { 
12 return XmlHelper.Instance().XmlDocumentToString(Global.MapPath + "/Control/Control.config".ToString());
13 }
14 else
15 {
16 msg = msgr;
17 return null;
18 }
19 }

 

 1 public static bool IsCanRead()
 2 {
 3 string clientIp = Tools.Safe.Instance().ClientIp();
 4 bool r = false;
 5 if (Global.dtRunIp.Rows.Count > 0)
 6 {
 7 for (int i = 0; i < Global.dtRunIp.Rows.Count; i++)
 8 {
 9 if (clientIp == Global.dtRunIp.Rows[i]["ip"].ToString())
10 {
11 r = true;
12 }
13 }
14 }
15 return r;
16 
17 }

 

WCF的配置文件設置

<?xml version="1.0"?>
<configuration>
 <system.serviceModel>
 <bindings>
 <wsHttpBinding>
 <binding name="NoneSecurity"
 maxBufferPoolSize="12000000" maxReceivedMessageSize="12000000" useDefaultWebProxy="false">
 <readerQuotas maxStringContentLength="12000000" maxArrayLength="12000000"/>
 <security mode="None"/>
 </binding>
 </wsHttpBinding>
 </bindings>
 <behaviors>
 <serviceBehaviors>
 <behavior name="Control.Service.SOAControlBehavior">
 <serviceMetadata httpGetEnabled="true"/>
 <serviceDebug includeExceptionDetailInFaults="false"/>
 </behavior>
 </serviceBehaviors>
 </behaviors>
 <services>
 <service behaviorConfiguration="Control.Service.SOAControlBehavior" name="Control.Service.SOAControl">
 <endpoint address="" binding="wsHttpBinding" contract="Control.Service.SOAControl" bindingConfiguration="NoneSecurity">
 <identity>
 <dns value="localhost"/>
 </identity>
 </endpoint>
 <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
 </service>
 </services>
 </system.serviceModel>
</configuration>