我使用带有自定义用户名验证的wsHttpBinding为客户端设置了一个WCF服务,x.509,但没有SSL
他们使用PHP并且完全无法通过WS安全性,所以我们的解决方案必须是添加另一个basichttpbinding。但是当我这样做时,似乎需要SSL。我的要求绝对不是使用SSL。
我的wshttpbinding看起来像这样:
<wsHttpBinding>
<binding name="WSHttpBinding_ISearchService" closeTimeout="00:10:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" bypassProxyOnLocal="true" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" />
<security mode="Message" >
<message clientCredentialType="UserName"/>
</security>
</binding>
<serviceBehaviors>
<behavior name="My.Services.SearchServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<dataContractSerializer maxItemsInObjectGraph="2147483647" />
<serviceCredentials>
<serviceCertificate findValue="01000000000xxxxxxxxx" storeLocation="LocalMachine"
storeName="My" x509FindType="FindBySerialNumber" />
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="My.Services.UserNamePassValidator, SearchService" />
</serviceCredentials>
</behavior>
</serviceBehaviors>
使用没有SSL的basichttpbinding可以实现相同的配置吗?
答案 0 :(得分:0)
BasicHttpBinding要求BasicHttpBinding.Security.Message.ClientCredentialType等同于安全模式“Message”的BasicHttpMessageCredentialType.Certificate凭据类型。首先,你不能使用clientCredentialType =“UserName” 您需要具有客户端证书才能加密消息并进行传输。 WCF SDK示例实现了一个这样的场景,请检查here