我正在尝试将此绑定转换为自定义绑定:
<wsHttpBinding>
<binding name="ICB">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Certificate" proxyCredentialType="None"></transport>
<message clientCredentialType="UserName"
negotiateServiceCredential="false"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
..和这种行为..
<serviceBehaviors>
<behavior name="SCB">
<serviceCredentials>
<serviceCertificate findValue="a0 1e dd 76 89 78 a2 67 e3 7d c7 e5 55 5a ec 34 b7 ed 81 f6"
storeLocation="LocalMachine"
storeName="TrustedPeople"
x509FindType="FindByThumbprint" />
<userNameAuthentication
userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="WcfTesting.UsernameValidator, WcfTesting" />
<clientCertificate>
<authentication certificateValidationMode="None" revocationMode="NoCheck" />
</clientCertificate>
</serviceCredentials>
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="false" />
</behavior>
</serviceBehaviors>
只要客户端有establishSecurityContext = true,我就如何将其更改为false?
class Program
{
static void Main(string[] args)
{
var c = new CustomBinding();
c.Elements.Add(new TransactionFlowBindingElement());
//MessageSecurityVersion version = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
var sec = // SecurityBindingElement.CreateUserNameOverTransportBindingElement();
SecurityBindingElement.CreateSecureConversationBindingElement(
SecurityBindingElement.CreateUserNameOverTransportBindingElement());
c.Elements.Add(sec);
c.Elements.Add(new TextMessageEncodingBindingElement()); // {MessageVersion = MessageVersion.Soap11});
c.Elements.Add(new HttpsTransportBindingElement()); // { RequireClientCertificate = true });
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;
using (var host = new System.ServiceModel.ServiceHost( typeof (TestService) ))
{
ServiceEndpoint endpoint = host.AddServiceEndpoint(typeof(TestService), c, "https://localhost:1235");
host.Credentials.ServiceCertificate.SetCertificate(
StoreLocation.LocalMachine,
StoreName.TrustedPeople,
X509FindType.FindByThumbprint,
"a01edd768978a267e37dc7e5555aec34b7ed81f6");
host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new UsernameValidator();
host.Open();
Console.WriteLine("SERVICE STARTED>>");
Console.ReadLine();
}
}
}
我使用WCFBindingBox的结果作为转换的基础,结果如下:
<!-- generated via Yaron Naveh's http://webservices20.blogspot.com/ -->
<customBinding>
<binding name="NewBinding0">
<transactionFlow />
<security authenticationMode="UserNameOverTransport" messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
<textMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
<!-- generated via Yaron Naveh's http://webservices20.blogspot.com/ -->
答案 0 :(得分:1)
您可以通过the binding box自动转换为自定义绑定。一般来说,如果establishSecurityContext为false,则不需要CreateSecureConversationBindingElement。而是直接使用CreateUserNameOverTransportBindingElement。