我试图以编程方式增加BasicHtttpBinding的时钟偏差。我使用CreateUserNameOverTransportBinding模式使用TransportSecurityBindingElement。我能够将绑定元素时钟炖煮更改为15分钟(在客户端绑定打印到文件,如下所示)。但是不会修改bootstrap元素偏斜。
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
<system.serviceModel>
<bindings>
<customBinding>
<binding name="BasicHttpBinding">
<security defaultAlgorithmSuite="Default" authenticationMode="UserNameOverTransport"
requireDerivedKeys="true" securityHeaderLayout="Lax" includeTimestamp="true"
keyEntropyMode="CombinedEntropy" messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
<localClientSettings cacheCookies="true" detectReplays="false"
replayCacheSize="900000" maxClockSkew="00:15:00" maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="false" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:15:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<mtomMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
messageVersion="Soap11" maxBufferSize="10485760" writeEncoding="utf-8">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
</mtomMessageEncoding>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="10485760" allowCookies="false" authenticationScheme="Anonymous"
bypassProxyOnLocal="false" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="10485760" proxyAuthenticationScheme="Anonymous"
realm="" transferMode="StreamedRequest" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="false" />
</binding>
</customBinding>
</bindings>
</system.serviceModel>
</configuration>
我无法以编程方式修改elemet。我在这里遇到的困难是从TransportSecurityBindingElement获取SecureConversationSecurityTokenParameters。请参阅下面的代码。
public static Binding CreateCustomHttpSecuredStreamingUploadBinding(TimeSpan clockSkew)
{
CustomBinding myCustomBinding = new CustomBinding(GetHttpSecuredStreamingUploadBinding());
TransportSecurityBindingElement security = myCustomBinding.Elements.Find<TransportSecurityBindingElement>();
security.LocalClientSettings.MaxClockSkew = clockSkew;
security.LocalServiceSettings.MaxClockSkew = clockSkew;
SecureConversationSecurityTokenParameters secureConversation;
secureConversation = security.EndpointSupportingTokenParameters.SignedEncrypted[0] as SecureConversationSecurityTokenParameters;
if (secureConversation != null)
{
SecurityBindingElement bootstrap = secureConversation.BootstrapSecurityBindingElement;
// Set the MaxClockSkew on the bootstrap element.
bootstrap.LocalClientSettings.MaxClockSkew = clockSkew;
bootstrap.LocalServiceSettings.MaxClockSkew = clockSkew;
}
return myCustomBinding;
}
private static BasicHttpBinding GetHttpSecuredStreamingUploadBinding()
{
BasicHttpBinding basicHttpBinding = new BasicHttpBinding();
basicHttpBinding.MessageEncoding = WSMessageEncoding.Mtom;
basicHttpBinding.TransferMode = TransferMode.StreamedRequest;
basicHttpBinding.Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
basicHttpBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
int MaxBufferSize = ConfigManager.GetInstance().MaxBufferSize(TConstants.HttpSecuredStreamingUpload, EndpointType.Client);
basicHttpBinding.MaxBufferSize = MaxBufferSize;
long maxReceivedMessageSize = ConfigManager.GetInstance().MaxReceivedMsgSize(TConstants.HttpSecuredStreamingUpload, EndpointType.Client);
basicHttpBinding.MaxReceivedMessageSize = maxReceivedMessageSize;
TdTimer timer = GetTimeOut(TConstants.HttpSecuredStreamingUpload, TConstants.SendTimeout);
if (timer.isSet)
basicHttpBinding.SendTimeout = timer.TimeOut;
timer = GetTimeOut(TriadTransportConstants.HttpSecuredStreamingUpload, TConstants.ReceiveTimeout);
if (timer.isSet)
basicHttpBinding.ReceiveTimeout = timer.TimeOut;
basicHttpBinding.ReaderQuotas = SetXmlDictionaryReaderQuotas(TConstants.HttpSecuredStreamingUpload);
return basicHttpBinding;
}
EndpointSupportingTokenParameters有一个SignedEncrypted [0]元素,但Endorsing [0]为空。所以我使用下面的代码,但在转换为SecureConversationSecurityTokenParameters时返回null。
secureConversation = security.EndpointSupportingTokenParameters.SignedEncrypted[0] as
SecureConversationSecurityTokenParameters;
有许多代码片段和WShttpBinding的帮助,但我不能去那,因为我正在使用流媒体。请帮忙。