webHttpBinding WCF服务通过HTTP响应,但不响应HTTPS

时间:2014-06-16 10:31:02

标签: .net wcf rest https webhttpbinding

我正在我的机器上开发WCF restfull服务,当我点击HTTP服务端点时,服务按预期响应。但是,当我点击HTTPS端点时,我得到了404 Not Found。

Https调用不会触发已作为CustomAuthorizationManager实现的serviceAuthorizationManagerType

知道为什么这不起作用?为什么在基地址为HTTPS时允许HTTP流量?

HTTP响应 enter image description here

HTTPS响应

enter image description here

的Web.config 

  <system.serviceModel>
    <bindings>
      <webHttpBinding>
        <binding name="webHttpTransportSecurity">
          <security mode="TransportCredentialOnly">
            <!--Basic authentication is NOT supported when running webHttpBinding through IIS
            see - http://blogs.msdn.com/b/phenning/archive/2008/01/11/custom-usernamepassword-validators-in-net-framework-3-5.aspx
            and a resolution - http://allen-conway-dotnet.blogspot.co.uk/2012/07/using-basic-authentication-in-rest.html-->
            <transport clientCredentialType="None"/>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="restfulBehavior" name="Chubb.SurveyRecommendations.Service.SurveyRecommendationsService">
        <!--webHttpBinding allows exposing service methods in a RESTful manner-->
        <endpoint address="" binding="webHttpBinding" bindingConfiguration="webHttpTransportSecurity" behaviorConfiguration="webHttpBehavior" contract="Chubb.SurveyRecommendations.Service.ISurveyRecommendations"/>
        <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>
        <host>
          <baseAddresses>
            <add baseAddress="https://localhost:44300/"/>
          </baseAddresses>
        </host>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="restfulBehavior">
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/>
          <serviceDebug includeExceptionDetailInFaults="false"/>
          <serviceAuthorization serviceAuthorizationManagerType="Chubb.SurveyRecommendations.Service.Security.CustomAuthorizationManager, Chubb.SurveyRecommendations.Service"/>
        </behavior>
      </serviceBehaviors>
      <!--Required default endpoint behavior when using webHttpBinding-->
      <endpointBehaviors>
        <behavior name="webHttpBehavior">
          <webHttp/>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>

合同 

    [OperationContract]
    [WebGet(UriTemplate = "Echo/{value}", BodyStyle = WebMessageBodyStyle.Bare, RequestFormat = WebMessageFormat.Xml, ResponseFormat = WebMessageFormat.Xml)]
    string Echo(string value);

服务 

public class SurveyRecommendationsService : ISurveyRecommendations
{
    public string Echo(string value)
    {
        if (string.IsNullOrWhiteSpace(value))
            return string.Empty;

        return value;
    }
}

1 个答案:

答案 0 :(得分:3)

好的,问题在于绑定。

指定了

security mode="TransportCredentialOnly",它不提供完整传输(HTTPS)安全。

我将值更改回security mode="Transport",并且按预期工作。

详情可在this MSDN article

中找到
  

无 - 表示HTTP请求没有使用安全性。

     

传输 - 表示传输级安全性与HTTP一起使用   请求。

     

TransportCredentialOnly - 表示只有基于HTTP的客户端   提供身份验证。

相关问题
最新问题