我有一个托管WCF服务的Windows服务和一个与之通信的WPF应用程序。 WPF应用程序将位于同一网络上的其他计算机上。我在发送WCf消息时在两者之间设置安全性时遇到问题。以下是服务器和客户端app.config文件:
服务器
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<services>
<service behaviorConfiguration="WCFBehavior" name="WCF.WCFService">
<endpoint address="" binding="netTcpBinding" bindingConfiguration=""
name="NetTcpBindingEndpoint" contract="WCF.IWCFService">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" bindingConfiguration=""
name="MexTcpBindingEndpoint" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost:8731/WCFService/" />
</baseAddresses>
</host>
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="WebHttp">
<webHttp />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="WCFBehavior">
<serviceMetadata httpGetEnabled="false" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceTimeouts transactionTimeout="05:05:00" />
<serviceThrottling maxConcurrentCalls="500" maxConcurrentSessions="500"
maxConcurrentInstances="2147483647" />
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsDualHttpBinding>
<binding name="WCFBinding">
<security mode="None">
</security>
</binding>
</wsDualHttpBinding>
<webHttpBinding>
<binding name="webHttpBindingWithJsonP" crossDomainScriptAccessEnabled="true" />
</webHttpBinding>
</bindings>
</system.serviceModel>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<probing privatePath="lib" />
</assemblyBinding>
</runtime>
</configuration>
客户端
<?xml version="1.0"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<probing privatePath="lib" />
</assemblyBinding>
</runtime>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding name="NetTcpBindingEndpoint" closeTimeout="00:01:05"
openTimeout="00:00:05" receiveTimeout="00:00:20" sendTimeout="00:00:20"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="None">
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="net.tcp://localhost:8731/WCFService/" binding="netTcpBinding"
bindingConfiguration="NetTcpBindingEndpoint" contract="WCFServiceReference.IWCFService"
name="NetTcpBindingEndpoint">
<identity>
<dns value="localhost" />
</identity>
</endpoint>
</client>
</system.serviceModel>
</configuration>
我能够让客户端成功连接到服务的唯一方法是,如果我在服务器上创建一个用户名和密码与我在客户端计算机上使用的帐户相同的用户名和密码。如何设置安全性以避免这种情况?由于我可以控制客户端和服务器,因此我并不担心具有高级别的安全性。
答案 0 :(得分:0)
您可以使用服务器上的用户凭据设置数据库。要验证用户请求,如果从客户端验证来自客户端的用户凭据,则可以动态地在服务器上创建用户。
答案 1 :(得分:0)
您可能需要UserName的CredentialType。现在你正在获得默认的Windows。