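Implementing transport security on my WCF service using a custom binding over HTTP

Time: 2014-03-20 16:06:44

Tags: wcf soap soa wcf-binding wcf-security

I am new to WCF security. I am trying to implement transport security on my WCF service. We are using a custombinding over HTTP. Can someone suggest how we can do this?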

<customBinding>
  <binding name="CustomBinding">
    <binaryMessageEncoding/>
    <httpTransport allowCookies="true" maxReceivedMessageSize="2000000000" maxBufferSize="2000000000" maxBufferPoolSize="2000000000"/>
  </binding>
</customBinding>

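1 Answer:

Answer 0: (score: 2)

You will want to use certificates to implement transport-level security.

You can use this tutorial (below) to learn how to create a "test" certificate; for production, I recommend issuing the certificate from your own company's internal CA (if you have one) or using a trusted provider (Symantec, GlobalSign, etc.).

http://msdn.microsoft.com/en-us/library/bfsktky3(v=vs.110).aspx

You can use this tutorial (below) to learn how to install the certificate on the box.

http://msdn.microsoft.com/en-us/library/bb950259(v=bts.10).aspx

As for the service app.config - it should be something like the following: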

<system.serviceModel>
  <services>
    <service name="YourServiceNameGoesHere" behaviorConfiguration="MyCustomBehavior">
      <endpoint address="YourAddressGoesHere" binding="customBinding" contract="YourIContractNameGoesHere" bindingConfiguration="MyCustomBinding"/>
    </service>
  </services>

  <behaviors>
    <serviceBehaviors>
      <behavior name="MyCustomBehavior">
        <serviceMetadata httpsGetEnabled="true" />
        <serviceCredentials>
          <clientCertificate>
            <!-- None skips validation of the client certificate; ChainTrust or PeerTrust validate it. -->
            <authentication certificateValidationMode="None" trustedStoreLocation="LocalMachine" />
          </clientCertificate>
          <serviceCertificate findValue="YourCertNameGoesHere" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"/>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>

  <bindings>
    <customBinding>
      <binding name="MyCustomBinding">
        <security authenticationMode="CertificateOverTransport" />                    
        <httpsTransport />
      </binding>
    </customBinding>
  </bindings>
</system.serviceModel>

As far as the client app.config goes - it should be something like the following:

 <system.serviceModel>
    <client>
      <endpoint address="YourAddressGoesHere" binding="customBinding" bindingConfiguration="MyCustomBinding" behaviorConfiguration="MyCustomBehavior" contract="YourIContractNameGoesHere" name="YourClientNameGoesHere" />
    </client>

    <behaviors>
      <endpointBehaviors>
        <behavior name="MyCustomBehavior">
          <clientCredentials>
            <clientCertificate findValue="YourCertNameGoesHere" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>

    <bindings>
      <customBinding>
        <binding name="MyCustomBinding">
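          <!-- customBinding's <security> element has no mode attribute or <transport> child; use the same authenticationMode as the service. -->
          <security authenticationMode="CertificateOverTransport" />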
          <httpsTransport />
        </binding>
      </customBinding>
    </bindings>
  </system.serviceModel>
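
The following is an added example, not part of the original question or answer: the asker's binding (binary encoding and size limits kept as posted) moved onto HTTPS with the answer's CertificateOverTransport mode, next to a service behavior that validates client certificates instead of using certificateValidationMode="None". The names SecureBinaryBinding and StrictClientCertBehavior are assumptions; YourCertNameGoesHere is the answer's placeholder.

```xml
<system.serviceModel>
  <bindings>
    <customBinding>
      <!-- Assumed name; reference it from the endpoint's bindingConfiguration. -->
      <binding name="SecureBinaryBinding">
        <!-- Client certificate is sent as a supporting token over the TLS channel. -->
        <security authenticationMode="CertificateOverTransport" />
        <!-- Encoding from the question's binding; it must sit above the transport. -->
        <binaryMessageEncoding />
        <!-- httpsTransport replaces httpTransport and must be the last element. -->
        <httpsTransport allowCookies="true"
                        maxReceivedMessageSize="2000000000"
                        maxBufferSize="2000000000"
                        maxBufferPoolSize="2000000000" />
      </binding>
    </customBinding>
  </bindings>

  <behaviors>
    <serviceBehaviors>
      <!-- Assumed name; reference it from the service's behaviorConfiguration. -->
      <behavior name="StrictClientCertBehavior">
        <serviceMetadata httpsGetEnabled="true" />
        <serviceCredentials>
          <clientCertificate>
            <!-- Weak: certificateValidationMode="None" performs no validation of the client certificate. -->
            <!-- Stricter: require a chain to a trusted root and check revocation. -->
            <authentication certificateValidationMode="ChainTrust" revocationMode="Online" />
          </clientCertificate>
          <serviceCertificate findValue="YourCertNameGoesHere"
                              x509FindType="FindBySubjectName"
                              storeLocation="LocalMachine"
                              storeName="My" />
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
</system.serviceModel>
```

With ChainTrust, test certificates are accepted only if their issuing root is installed in the machine's trusted root store, and the endpoint address must use the https:// scheme for httpsTransport.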