保护WCF NetHttpBinding的最有效方法

时间:2015-08-05 18:45:36

标签: c# wcf iis websocket

我将实现一个在 HoughLineTransformation lineTransform = new HoughLineTransformation( ); // apply Hough line transofrm lineTransform.ProcessImage( sourceImage ); Bitmap houghLineImage = lineTransform.ToBitmap( ); // get lines using relative intensity HoughLine[] lines = lineTransform.GetLinesByRelativeIntensity( 0.5 ); foreach ( HoughLine line in lines ) { // get line's radius and theta values int r = line.Radius; double t = line.Theta; // check if line is in lower part of the image if ( r < 0 ) { t += 180; r = -r; } // convert degrees to radians t = ( t / 180 ) * Math.PI; Console.WriteLine("{0},{1}",t,r) // get image centers (all coordinate are measured relative // to center) int w2 = image.Width /2; int h2 = image.Height / 2; double x0 = 0, x1 = 0, y0 = 0, y1 = 0; if ( line.Theta != 0 ) { // none-vertical line x0 = -w2; // most left point x1 = w2; // most right point // calculate corresponding y values y0 = ( -Math.Cos( t ) * x0 + r ) / Math.Sin( t ); y1 = ( -Math.Cos( t ) * x1 + r ) / Math.Sin( t ); } else { // vertical line x0 = line.Radius; x1 = line.Radius; y0 = h2; y1 = -h2; } // draw line on the image Drawing.Line( sourceData, new IntPoint( (int) x0 + w2, h2 - (int) y0 ), new IntPoint( (int) x1 + w2, h2 - (int) y1 ), Color.Red ); 下工作的Web服务,以支持双工连接。但问题是我不知道如何保护它。我尝试使用NetHttpBinding,这是我的CostumUserNamePasswordValidationMode

web.config

我认为问题是<behaviors> <serviceBehaviors> <behavior name="Behavior1"> <serviceMetadata httpGetEnabled="true"/> <serviceDebug includeExceptionDetailInFaults="true"/> <serviceCredentials> <serviceCertificate findValue="MyWebSite" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" /> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="WcfWSChat.UserNamePassValidator, WcfWSChat" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <netHttpBinding> <binding name="Binding1"> <security mode="Message"> <message clientCredentialType="UserName"/> </security> </binding> </netHttpBinding> </bindings> <protocolMapping> <add scheme="http" binding="netHttpBinding"/> </protocolMapping> <services> <service name="WcfWSChat.WSChatService" behaviorConfiguration="Behavior1" > <endpoint address="" binding="netHttpBinding" bindingConfiguration="Binding1" contract="WcfWSChat.IWSChatService" /> <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" /> </service> </services> ,每当我运行项目时,无论是在IIS Express还是IIS 8.0上,我都会收到此错误:

  

无法找到与绑定NetHttpBinding的端点匹配方案https的基址。注册的基地址方案是[http]。

如果我将<security mode="Message">属性更改为mode,我将不会再看到错误,但验证无效!

我该如何解决这个问题?

2 个答案:

答案 0 :(得分:6)

我认为你几乎接近解决方案。我试图复制你的问题,这就是我的意思。

  1. 在ServiceMetadata中添加并将httpsGetEnabled设置为true。 MetaData交换将在HTTPS中进行:
  2.   

    <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />

    1. 将mexHttpBinding更改为mexHttpsBinding:
    2.   

      <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange"/>

      1. 在你的装订中添加:
      2. <netHttpBinding>
           <binding name="netHttpBinding">
               <security mode="TransportWithMessageCredential">
                   <message clientCredentialType="UserName"/>
               </security>
           </binding>
        </netHttpBinding>
        
        1. 由于netHttpBinding默认使用http,我们需要一些映射。
        2. <protocolMapping>
              <add scheme="https" binding="netHttpBinding"/>
          </protocolMapping>
          
          1. 出于某种原因,即使我将protocolMapping更改为使用HTTPS进行netHttpBinding,我仍然会收到错误消息 “无法找到与绑定NetHttpBinding的端点的方案https匹配的基址。注册的基址方案是[http]。“
          2. 所以我做的是,我在我的服务中添加了基于这样的地址:

            <host>
                <baseAddresses>
                   <add baseAddress="https://localhost/Services/"/>
                </baseAddresses>
            </host>
            

            如果您没有看到上面突出显示的任何错误消息,则可以转义第5步。我把它放在这里以防万一。

            注意:我将证书安装在Personal下的证书存储区和受信任的根证书中的CA中。此示例仅在同一台计算机上运行,​​因为我的证书名称只是localhost。顺便说一下,我在这里使用.Net framework 4.5。

            以下是我的完整配置:

            <?xml version="1.0" encoding="utf-8"?>
            <configuration>
              <system.serviceModel>
                <services>
                  <service name="WcfServiceLibrary1.Service1" behaviorConfiguration="ServiceBehavior">
                    <host>
                      <baseAddresses>
                        <add baseAddress="https://localhost/Services/"/>
                      </baseAddresses>
                    </host>
                    <endpoint address="" binding="netHttpBinding"  bindingConfiguration="netHttpBinding" contract="WcfServiceLibrary1.IService1" name="WcfServiceLibrary1.IService1"/>
                    <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" listenUriMode="Explicit" />
                  </service>
                </services>
                <behaviors>
                  <serviceBehaviors >
                    <behavior name="ServiceBehavior">
                      <serviceCredentials>
                        <serviceCertificate findValue="localhost" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
                        **<!-- Retain your custom username password validator here -->**
                      </serviceCredentials>
                      <serviceMetadata httpGetEnabled="True" httpsGetEnabled="True" />
                      <serviceDebug includeExceptionDetailInFaults="False" />
                    </behavior>
                  </serviceBehaviors>
                </behaviors>
                <bindings>
                  <netHttpBinding>
                    <binding name="netHttpBinding">
                      <security mode="TransportWithMessageCredential">
                        <message clientCredentialType="UserName"/>
                      </security>
                    </binding>
                  </netHttpBinding>
                </bindings>
                <protocolMapping>
                  <add scheme="https" binding="netHttpBinding"/>
                </protocolMapping>
              </system.serviceModel>
            </configuration>
            

答案 1 :(得分:0)

似乎它可能与您注册为服务凭证的证书有关。

我尝试从serviceCertificate删除serviceBehaviours

如果您想通过该证书强制执行SSL,那么我会将绑定部分中的安全模式更新为TransportWithMessageCredential,并将协议映射方案更改为https