如何在WCF Web服务(服务器端)上实现WSS:X509令牌配置文件1.0

时间:2013-03-27 19:26:11

标签: wcf ws-security x509

我是创建WCF Web服务的新手,我正在试图找出如何创建符合WSS的WCF服务:X509令牌配置文件1.0。有很多关于如何进行客户端配置的帖子,但是关于服务器配置并不多。

这个项目最初是作为WSDL首先生成的服务开始的,所以我无法改变客户端如何向我发送数据的任何信息,我需要使服务符合他们发送的数据。

我已经离开并为此服务创建了一个自定义端点,但这就是我被困住的地方。我确信我只是缺少一些细节,以使其符合下面的pdf:

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0.pdf

    <behavior name="Something.ServiceBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="true" />
      <serviceCredentials>
        <clientCertificate>
          <authentication certificateValidationMode="None" />
          <certificate findValue="ClientCertificate" 
                       storeLocation="LocalMachine" 
                       storeName="My" 
                       x509FindType="FindBySubjectName" />
        </clientCertificate>
        <serviceCertificate findValue="OurCertificate" 
                            storeLocation="LocalMachine" 
                            storeName="My" 
                            x509FindType="FindBySubjectName"/>
      </serviceCredentials>
      <serviceSecurityAudit auditLogLocation="Application"
                            serviceAuthorizationAuditLevel="Failure"
                            messageAuthenticationAuditLevel="Failure"
                            suppressAuditFailure="true" />
    </behavior>
  </serviceBehaviors>


  <service behaviorConfiguration="Something.ServiceName"
    name="Something.ServiceName">
    <endpoint address="mex" binding="mexHttpBinding" bindingConfiguration="" name="MetaDataEndPoint" contract="IMetadataExchange" />
    <endpoint address="" binding="customBinding" bindingConfiguration="CustomBinding0" name="customBindingEndPoint" contract="Something.IServiceName" >
    </endpoint>


    <binding name="CustomBinding0">
      <textMessageEncoding messageVersion="Soap12" />
      <security authenticationMode="MutualCertificate" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11" />
      <httpTransport />
    </binding>

非常感谢任何帮助/评论。

0 个答案:

没有答案