I am building a custom UserNamePasswordValidator for a WCF service. I am wiring up the service with Autofac + WCF/multitenant, all fitting neatly together. However I'm not sure what strategy to use to wire/implement this authentication class.
Ideally, I would start with
public class MyValidator : UserNamePasswordValidator {
public MyValidator(Func<Owned<IMyUserService>> userservicefactory) {
...
}
}
However, this isn't strictly possible because of the way that a UserNamePasswordValidator is consumed by WCF (the only option appears to be parameterless constructor).
So, questions:
I configured the service host in code at startup or within a custom ServiceHostFactory.
From the XML configuration, I removed
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="Common.MyCustomUsernamePasswordValidator, Common"/ -->
And since I configured my container prior to hosting:
var auth = host.Credentials.UserNameAuthentication;
auth.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
auth.CustomUserNamePasswordValidator = container.Resolve<Common.MyCustomUsernamePasswordValidator>();
You may take a look at UserNameSecurityTokenAuthenticator, you can do the validation in this class and skip the UsernamepasswordValidator.
And you can implement your own ServiceCredentialsSecurityTokenManager, which you can determine how to create the authenticator.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With