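I followed the guide found at http://weblogs.asp.net/cibrax/archive/2008/03/26/authenticating-users-with-supporting-tokens-in-wcf-binding-extension.aspx to create a security policy that fits my needs. I have it working as described in the article, using the WCF HTTP transport.
However, I am unable to configure the customBinding to work with a non-HTTP transport, such as plain WCF TCP. I keep getting the error message: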
Binding 'CustomBinding' doesn't support creating any channel types. This often
indicates that the BindingElements in a CustomBinding have been stacked incorrectly
or in the wrong order. A Transport is required at the bottom of the stack. The
recommended order for BindingElements is: TransactionFlow, ReliableSession,
Security, CompositeDuplex, OneWay, StreamSecurity, MessageEncoding, Transport.
Does anyone have any suggestions for configuring a customBinding to use the TCP transport?
Binding example from the page:
<customBinding>
  <binding name="MutualCertificateBinding">
    <security authenticationMode="MutualCertificate"/>
    <httpTransport/>
  </binding>
</customBinding>
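I did find a blog post about a potential solution, http://blog.ploeh.dk/2009/06/22/CustomTokensOverNonHTTPTransports.aspx, but it does not seem to work in this case, because it uses message security, and streamed transfer has an effect on message security. Then, if I change to 'buffered', I get the same error.
For completeness: the problem I am solving is passing the logged-in user's username from an ASP.NET MVC website to a WCF service that needs to know the user, so that only data specific to that user is returned.
Edit: As requested, my binding configurations:
Working HTTP client configuration: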
<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="MutualCertificate">
        <security authenticationMode="MutualCertificate" />
        <httpTransport/>
      </binding>
    </customBinding>
    <trustedWeb>
      <binding name="MyTrustedWeb"
               bindingReference="MutualCertificate" />
    </trustedWeb>
  </bindings>
  <client>
    <endpoint address="http://localhost:8732/Design_Time_Addresses/DataServices/MyDataService"
              binding="trustedWeb"
              bindingConfiguration="MyTrustedWeb"
              behaviorConfiguration="ClientBehavior"
              contract="IMyDataService">
      <identity>
        <dns value="MyDns" />
      </identity>
    </endpoint>
  </client>
  <behaviors>
    <endpointBehaviors>
      <behavior name="ClientBehavior">
        <clientCredentials>
          <clientCertificate findValue="CN=ClientCert"
                             storeLocation="LocalMachine"
                             storeName="My"
                             x509FindType="FindBySubjectDistinguishedName" />
          <serviceCertificate>
            <defaultCertificate findValue="CN=ServiceCert"
                                storeLocation="LocalMachine"
                                storeName="My"
                                x509FindType="FindBySubjectDistinguishedName" />
            <authentication revocationMode="NoCheck"
                            certificateValidationMode="None" />
          </serviceCertificate>
        </clientCredentials>
      </behavior>
    </endpointBehaviors>
  </behaviors>
  <extensions>
    <bindingExtensions>
      <add name="trustedWeb"
           type="TrustedWebExtension.TrustedBindingCollectionElement, TrustedWebExtension"/>
    </bindingExtensions>
  </extensions>
</system.serviceModel>
Working HTTP service configuration:
<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="MutualCertificate">
        <security authenticationMode="MutualCertificate" />
        <httpTransport />
      </binding>
    </customBinding>
    <trustedWeb>
      <binding name="MyTrustedWeb"
               bindingReference="MutualCertificate" />
    </trustedWeb>
  </bindings>
  <services>
    <!-- Use this service when testing with authentication, as you will need a custom client with username / password ability. -->
    <service behaviorConfiguration="MyDataServiceBehavior"
             name="MyDataService">
      <endpoint address="/DataServices/MyDataService"
                binding="trustedWeb"
                bindingConfiguration="MyTrustedWeb"
                contract="IMyDataService">
        <identity>
          <dns value="MyDns"/>
        </identity>
      </endpoint>
      <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      <host>
        <baseAddresses>
          <add baseAddress="http://localhost:8732/Design_Time_Addresses" />
          <add baseAddress="net.tcp://localhost:30000"/>
        </baseAddresses>
      </host>
    </service>
  </services>
  <behaviors>
    <serviceBehaviors>
      <behavior name="MyDataServiceBehavior">
        <!-- To avoid disclosing metadata information,
             set the value below to false and remove the metadata endpoint above before deployment -->
        <serviceMetadata httpGetEnabled="True"/>
        <!-- To receive exception details in faults for debugging purposes,
             set the value below to true. Set to false before deployment
             to avoid disclosing exception information -->
        <serviceDebug includeExceptionDetailInFaults="True" />
        <serviceCredentials>
          <!-- <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"
               membershipProviderName="SqlMembershipProvider" /> -->
          <serviceCertificate findValue="CN=ServiceCert"
                              storeLocation="LocalMachine"
                              storeName="My"
                              x509FindType="FindBySubjectDistinguishedName" />
          <clientCertificate>
            <!-- <authentication certificateValidationMode="None" /> -->
            <authentication revocationMode="NoCheck"
                            certificateValidationMode="PeerTrust" />
          </clientCertificate>
          <userNameAuthentication userNamePasswordValidationMode="Custom"
                                  customUserNamePasswordValidatorType="TrustedWebExtension.UsernameBlankPasswordValidator, TrustedWebExtension"/>
        </serviceCredentials>
      </behavior>
    </serviceBehaviors>
  </behaviors>
  <extensions>
    <bindingExtensions>
      <add name="trustedWeb"
           type="TrustedWebExtension.TrustedBindingCollectionElement, TrustedWebExtension"/>
    </bindingExtensions>
  </extensions>
</system.serviceModel>
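Non-working TCP server-side configuration:
Changed <httpTransport/> to <tcpTransport /> and tried to start the service. The WCF Service Host throws the error above. I have tried a few variations on the theme of specifying more values for the transport and the customBinding stack, but could not get anything to work.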
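An added example, not part of the original post: a small Python checker that tests each customBinding stack against the recommended order quoted in the error message and flags the deployment-sensitive settings that appear in the posted configs. The sample config is constructed and abridged, and the names `check_stack` and `audit` are hypothetical; it shows that the security-then-tcpTransport stack already follows the recommended order.

```python
import xml.etree.ElementTree as ET

# Recommended order from the error message, as customBinding config element names.
LAYERS = [{"transactionFlow"}, {"reliableSession"}, {"security"}, {"compositeDuplex"},
          {"oneWay"}, {"sslStreamSecurity", "windowsStreamSecurity"},
          {"textMessageEncoding", "binaryMessageEncoding", "mtomMessageEncoding"},
          {"httpTransport", "httpsTransport", "tcpTransport", "namedPipeTransport"}]
RANK = {name: i for i, names in enumerate(LAYERS) for name in names}

# Settings used in the posted configs that should not reach a deployed service.
WEAK = {("authentication", "certificateValidationMode", "None"): "certificate is not validated",
        ("authentication", "revocationMode", "NoCheck"): "revocation is not checked",
        ("serviceDebug", "includeExceptionDetailInFaults", "True"): "faults expose exception details",
        ("serviceMetadata", "httpGetEnabled", "True"): "metadata is served over HTTP GET"}

def check_stack(binding):
    """Ordering problems for one <binding>; elements outside RANK are skipped."""
    known = [child.tag for child in binding if child.tag in RANK]
    problems = []
    if not known or RANK[known[-1]] != len(LAYERS) - 1:
        problems.append("no transport at the bottom of the stack")
    for above, below in zip(known, known[1:]):
        if RANK[above] > RANK[below]:
            problems.append(f"<{above}> must be listed after <{below}>")
    return problems

def audit(config_xml):
    """Return ({binding name: ordering problems}, [weak-setting findings])."""
    root = ET.fromstring(config_xml)
    stacks = {b.get("name"): check_stack(b) for b in root.iterfind(".//customBinding/binding")}
    weak = [f"{tag}/@{attr}={val}: {why}" for (tag, attr, val), why in WEAK.items()
            for el in root.iter(tag) if el.get(attr, "").lower() == val.lower()]
    return stacks, weak

# Constructed sample: the TCP variant from the post plus a deliberately misordered stack.
SAMPLE = """<system.serviceModel>
<bindings><customBinding>
  <binding name="MutualCertificate">
    <security authenticationMode="MutualCertificate" /><tcpTransport />
  </binding>
  <binding name="Misordered">
    <tcpTransport /><security authenticationMode="MutualCertificate" />
  </binding>
</customBinding></bindings>
<serviceDebug includeExceptionDetailInFaults="True" />
<authentication revocationMode="NoCheck" certificateValidationMode="PeerTrust" />
</system.serviceModel>"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```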