使用TransportWithMessageCredential安全模式在wsHttpBinding中配置MaxClockSkew

时间:2015-09-02 11:59:00

标签: wcf wcf-data-services wcf-binding wcf-security wcf-configuration

我的服务有以下配置正常运行。 当我需要使用TransportWithMessageCredential安全模式更改wsHttpBinding中MaxClockSkew的值时,会出现此问题。

如何在此配置中更改MaxClockSkew值? 

<system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="HttpsService_wsHttpBinding" closeTimeout="01:10:00"
          openTimeout="01:10:00" receiveTimeout="Infinite" sendTimeout="Infinite"
          maxBufferPoolSize="999999999" maxReceivedMessageSize="99999999">
          <readerQuotas maxDepth="999999999" maxStringContentLength="999999999"
            maxArrayLength="999999999" maxBytesPerRead="999999999" maxNameTableCharCount="999999999" />
          <reliableSession inactivityTimeout="Infinite" enabled="true" />
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service name="WcfServiceApp.Service1">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="HttpsService_wsHttpBinding"
          name="wsHttpEndPoint" contract="CommonTypes.IService" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
              customUserNamePasswordValidatorType="CommonTypes.CustomValidator, CommonTypes" />
          </serviceCredentials>
          <dataContractSerializer maxItemsInObjectGraph="2147483646" />
          <bufferedReceive maxPendingMessagesPerChannel="2147483647" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
      <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    <diagnostics wmiProviderEnabled="true">
      <messageLogging
           logEntireMessage="true"
           logMalformedMessages="true"
           logMessagesAtServiceLevel="true"
           logMessagesAtTransportLevel="true"
           maxMessagesToLog="3000"
       />
    </diagnostics>
  </system.serviceModel>

1 个答案:

答案 0 :(得分:2)

根据此post中的信息,您似乎无法更改标准(即WCF提供的)绑定上的maxClockSkew属性,您需要使用自定义绑定。像这样:

<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="HttpsService_wsHttpBinding" 
               closeTimeout="01:10:00"
               openTimeout="01:10:00" 
               receiveTimeout="Infinite" 
               sendTimeout="Infinite">
        <reliableSession inactivityTimeout="Infinite" 
                         enabled="true" />
        <security authenticationMode="SecureConversation">
          <secureConversationBootstrap authenticationMode="UserNameOverTransport" />
          <localServiceSettings maxClockSkew="00:30:00" />
        </security>
        <textMessageEncoding messageVersion="soap12">
          <readerQuotas maxDepth="999999999" 
                        maxStringContentLength="999999999"
                        maxArrayLength="999999999" 
                        maxBytesPerRead="999999999"
                        maxNameTableCharCount="999999999" />
        </textMessageEncoding> 
        <httpsTransport maxBufferPoolSize="999999999"
                        maxReceivedMessageSize="99999999" />
      </binding>
    <customBinding>
  </bindings>
</system.serviceModel>

请注意,时钟偏差在<security>部分设置<localServiceSettings>元素的属性maxClockSkew(在此示例中为30分钟)。自定义绑定起初可能有点令人生畏和/或混乱,但仔细检查上述示例并使用MSDN将会很有帮助。

CustomBindings是一个很好的起点,请注意文章指出了元素的特定顺序。

有关配置部分元素和属性的概述,您可以在此处查看:<customBinding>

我相信你还需要将客户端自定义绑定上的maxClockSkew属性设置为与服务相同的值。

相关问题
最新问题