Silverlight 4 - 配置自托管WCF服务以使用SSL

时间:2011-05-19 18:36:35

标签: silverlight wcf ssl

我有一个Silverlight 4应用程序,它在同一台服务器上使用WCF服务(自托管)。一切正常,但现在我想转换我的WCF服务使用SSL。我正在使用CustomBindings并且无法找到完成此任务的组合。我在客户端使用相对URL,希望这不会导致问题。以下是我的Web.config文件的重要部分:

    <behaviors>
      <serviceBehaviors>
        <behavior name="">
          <serviceMetadata httpGetEnabled="true"  />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <dataContractSerializer maxItemsInObjectGraph="6553600"/>
          <serviceTimeouts transactionTimeout="00:10:00"/>
        </behavior>
        </serviceBehaviors>
      </behaviors>

    <bindings>
      <customBinding>
        <binding name="MyApp.Web.Services.ProjectService.customBinding0"
          receiveTimeout="00:10:00" sendTimeout="00:10:00">
          <binaryMessageEncoding />
          <httpsTransport maxReceivedMessageSize="2147483647" />
        </binding>
      </customBinding>
    </bindings>
  <services>
    <service name="MyApp.Web.Services.ProjectService">
        <endpoint address="" binding="customBinding" bindingConfiguration="MyApp.Web.Services.ProjectService.customBinding0"
          contract="MyApp.Web.Services.ProjectService" />
      </service>

我的ClientConfig看起来像这样:

    <configuration>
    <system.serviceModel>
        <bindings>
            <customBinding>
                <binding name="CustomBinding_ProjectService">
                    <binaryMessageEncoding />
                    <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" />
                </binding>
           </customBinding>
       </bindings>
       <client>
            <endpoint address="../Services/ProjectService.svc" binding="customBinding"
                bindingConfiguration="CustomBinding_ProjectService" contract="SearchProxy.ProjectService"
                name="CustomBinding_ProjectService" />
     </client>
  </system.serviceModel>
</configuration>

我只是不明白绑定如何在服务器和客户端中工作。我希望有人能指出我正确的方向。

2 个答案:

答案 0 :(得分:1)

一些事情:

如果您想在localhost上使用SSL,则需要使用IIS Express 7.5(如果您在服务器上执行开发,则需要使用完整的IIS)。

您需要存储在Web应用程序根目录中的clientaccesspolicy.xml文件:

<?xml version="1.0" encoding="utf-8"?>
    <access-policy>
       <cross-domain-access>
           <policy>
               <allow-from http-request-headers= "SOAPAction">
                   <domain uri="https://*"/>
               </allow-from>
               <grant-to>
                    <resource path="/" include-subpaths="true"/>
               </grant-to>
           </policy>
       </cross-domain-access>
     </access-policy>

服务器端Web.config示例:

<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding name="SecureBasicHttpBinding">
        <security mode="Transport">
          <transport clientCredentialType="Certificate" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>

  <behaviors>
    <serviceBehaviors>
      <behavior name="SomeBehavior" >
        <serviceMetadata httpsGetEnabled="true"/>
        <serviceDebug includeExceptionDetailInFaults="true"/>
        <useRequestHeadersForMetadataAddress>
          <defaultPorts>
            <add scheme="https" port="443" />
          </defaultPorts>
        </useRequestHeadersForMetadataAddress>
      </behavior>
    </serviceBehaviors>
  </behaviors>

  <serviceHostingEnvironment>
    <serviceActivations>
      <add relativeAddress="SomeService.svc" service="MySilverlight.Web.SomeService"/>
    </serviceActivations>
  </serviceHostingEnvironment>

  <services>
    <service name="MySilverlight.Web.SomeService"
             behaviorConfiguration="SomeBehavior">

      <endpoint address="SomeService"
                binding="basicHttpBinding"
                bindingConfiguration="SecureBasicHttpBinding"
                bindingNamespace="https://MySilverlight.Web.SomeService"
                contract="MySilverlight.Web.ISomeService">
      </endpoint>

      <endpoint address="mex"
                binding="mexHttpsBinding"
                contract="IMetadataExchange" />
    </service>
  </services>
</system.serviceModel>

客户端示例:

<?xml version="1.0" encoding="utf-8"?>
   <configuration>
      <system.serviceModel>
          <bindings>
              <basicHttpBinding>
                  <binding name="BasicHttpBinding_ISomeService" maxBufferSize="2147483647"
                       maxReceivedMessageSize="2147483647">
                      <security mode="Transport" />
                  </binding>
              </basicHttpBinding>
          </bindings>
          <client>
              <endpoint address="https://localhost/SomeService.svc/SomeService"
            binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_ISomeService"
            contract="MySilverlight.Web.SomeServiceReference.ISomeService"
            name="BasicHttpBinding_ISomeService" />
         </client>
    <extensions />
    </system.serviceModel>
</configuration>

IIS 7.5将自动设置您的localhost证书。

答案 1 :(得分:0)

您可以更新客户端项目的服务参考吗?这应该使用正确的绑定更新clientconfig文件。我现在注意到的一件事是你正在使用&lt; httpTransport&gt;在客户端绑定和&lt; httpsTransport&gt;在服务上。尝试更改客户端以使用&lt; httpsTransport&gt;同样。

此外,如果您的SL应用程序是从HTTP://地址下载的,那么在HTTPS中调用服务被视为跨域调用,因此您还需要跨域策略文件