我已经获得了以下app.config条目,但是我希望将其作为我的应用程序中的代码,以便更好地理解WCF。
是否有转换器,或者某人可以提供代码。感谢。
<system.serviceModel>
<client>
<endpoint name="QA" address="https://subdomain1.theirdomain.com/5067/Sample1"
behaviorConfiguration="WSSecBehavior" binding="customBinding"
bindingConfiguration="Soap11_Secure"
contract="star.starTransportPortTypes" />
<endpoint name="PROD" address="https://subdomain1.theirdomain.com/5067/Sample1"
behaviorConfiguration="WSSecBehavior" binding="customBinding"
bindingConfiguration="Soap11_Secure"
contract="star.starTransportPortTypes" />
</client>
<bindings>
<customBinding>
<binding name="Soap11_Secure">
<textMessageEncoding messageVersion="Soap11" />
<security defaultAlgorithmSuite="Basic128Rsa15"
allowSerializedSigningTokenOnReply="true"
authenticationMode="MutualCertificate"
messageProtectionOrder="SignBeforeEncrypt"
messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
</security>
<httpsTransport maxBufferSize="5000000"
maxReceivedMessageSize="5000000" />
</binding>
</customBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="WSSecBehavior">
<clientCredentials>
<clientCertificate storeLocation="CurrentUser"
storeName="My" x509FindType="FindBySubjectName"
findValue="*.mydomain.org.uk" />
<serviceCertificate>
<!-- you my have to add this if your client cannot check revocations -->
<authentication revocationMode="NoCheck" />
<scopedCertificates>
<add targetUri="https://subdomain1.theirdomain.com/Sample1"
storeName="AddressBook"
x509FindType="FindBySubjectName"
findValue="subdomain1.theirdomain.com" />
</scopedCertificates>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>
</behaviors>
</system.serviceModel>
到目前为止,我有这个:
Dim asbe As New Channels.AsymmetricSecurityBindingElement
asbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10
asbe.DefaultAlgorithmSuite = Security.SecurityAlgorithmSuite.Basic128Rsa15 'By default, AES-128 is used as the encryption algorithm.
asbe.AllowSerializedSigningTokenOnReply = True
asbe.InitiatorTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
asbe.RecipientTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
asbe.MessageProtectionOrder = Security.MessageProtectionOrder.SignBeforeEncrypt
'Add the elements to the custom binding
Dim myBinding As New CustomBinding
'element order is important - see http://msdn.microsoft.com/en-us/library/ms733893(v=vs.90).aspx
'Protocol Binding Elements (security)
myBinding.Elements.Add(asbe)
'Encoding Binding Element
myBinding.Elements.Add(New TextMessageEncodingBindingElement(MessageVersion.Soap11, System.Text.Encoding.UTF8))
'Transport Binding Element
Dim httpsBindingElement As New HttpsTransportBindingElement()
httpsBindingElement.MaxBufferSize = 5000000
httpsBindingElement.MaxReceivedMessageSize = 5000000
myBinding.Elements.Add(httpsBindingElement)
Dim epi As EndpointIdentity = EndpointIdentity.CreateDnsIdentity("subdomain.theirdomain.com")
Dim epuri As Uri = New Uri("https://subsomain1.theirdomain.com/5067/ProcessRepairOrder")
Dim ea As New EndpointAddress(epuri, epi, New AddressHeaderCollection)
' Create the client.
Dim starClientProxy As New wcfStarServiceProxy.starTransportPortTypesClient(myBinding, ea)
' Specify a certificate to use for authenticating the client.
starClientProxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "*.mydomain.org.uk")
starClientProxy.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.AddressBook, X509FindType.FindBySubjectName, "subdomain.theirdomain.com")
' Begin using the client.
Dim response As wcfStarServiceProxy.AcknowledgeRepairOrderPayload = starClientProxy.ProcessMessage(payload)
我不确定我还需要做什么。我找不到如何在AsymmetricSecurityBindingElement上设置authenticationMode =“MutualCertificate”。
此外,是否有任何工具可以在代码和配置之间进行转换,然后再返回?
答案 0 :(得分:1)
不要直接创建AsymmetricSecurityBindingElement。而是使用这样的东西:
SecurityBindingElement.CreateMutualCertificateBindingElement
答案 1 :(得分:1)
这有效:
Dim asbe As New Channels.AsymmetricSecurityBindingElement
asbe.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10
asbe.DefaultAlgorithmSuite = Security.SecurityAlgorithmSuite.Basic128Rsa15 'By default, AES-128 is used as the encryption algorithm.
asbe.AllowSerializedSigningTokenOnReply = True
asbe.InitiatorTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
asbe.RecipientTokenParameters = New ServiceModel.Security.Tokens.X509SecurityTokenParameters
asbe.MessageProtectionOrder = Security.MessageProtectionOrder.SignBeforeEncrypt
asbe.SetKeyDerivation(False)
'Add the elements to the custom binding
Dim myBinding As New CustomBinding
'element order is important - see http://msdn.microsoft.com/en-us/library/ms733893(v=vs.90).aspx
'Protocol Binding Elements (security)
myBinding.Elements.Add(asbe)
'Encoding Binding Element
myBinding.Elements.Add(New TextMessageEncodingBindingElement(MessageVersion.Soap11, System.Text.Encoding.UTF8))
'Transport Binding Element
Dim httpsBindingElement As New HttpsTransportBindingElement()
'httpsBindingElement.RequireClientCertificate = True
httpsBindingElement.MaxBufferSize = 5000000
httpsBindingElement.MaxReceivedMessageSize = 5000000
myBinding.Elements.Add(httpsBindingElement)
Dim ea As New EndpointAddress("https://subdomain.theirdomain.com/5067/ProcessRepairOrder")
' Create the client.
Dim starClientProxy As New VHC.Server.FordWarehouse2.ServiceReference1.starTransportPortTypesClient(myBinding, ea)
' Specify a certificate to use for authenticating the client.
starClientProxy.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, "*.mydomain.org.uk")
starClientProxy.ClientCredentials.ServiceCertificate.SetDefaultCertificate(StoreLocation.CurrentUser, StoreName.AddressBook, X509FindType.FindBySubjectName, "subdomain.theirdomain.com")
' Begin using the client.
Dim response As VHC.Server.FordWarehouse2.ServiceReference1.AcknowledgeRepairOrderPayload = starClientProxy.ProcessMessage(payload)