zoukankan      html  css  js  c++  java
  • WCF 定制自己的签名验证逻辑

    关键点:

    1. 保证在客户端设置签名。

    client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.My, X509FindType.FindBySubjectName, certName);

    2. 编写自己的validator,继承 X509CertificateValidator

    public class MyX509CertificateValidator : X509CertificateValidator
    {
        string allowedIssuerName;
    
        public MyX509CertificateValidator(string allowedIssuerName)
        {
            if (allowedIssuerName == null)
            {
                throw new ArgumentNullException("allowedIssuerName");
            }
    
            this.allowedIssuerName = allowedIssuerName;
        }
    
        public override void Validate(X509Certificate2 certificate)
        {
            // Check that there is a certificate.
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }
    
            // Check that the certificate issuer matches the configured issuer.
            if (allowedIssuerName != certificate.IssuerName.Name)
            {
                throw new SecurityTokenValidationException
                  ("Certificate was not issued by a trusted issuer");
            }
        }
    }
    

     3. 在server端,将自己编写的validator嵌入servicehost之中

               using (ServiceHost serviceHost = new ServiceHost(typeof(CalculatorService)))
                {
                    serviceHost.Credentials.ClientCertificate.Authentication.CertificateValidationMode = 
                        X509CertificateValidationMode.Custom;
                    serviceHost.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = 
                        new MyX509CertificateValidator("CN=Contoso.com");
    
                    serviceHost.Open();
                    Console.WriteLine("Service started, press ENTER to stop ...");
                    Console.ReadLine();
    
                    serviceHost.Close();
                }

    最后附上MSDN的官方说明(原文出处)
    https://msdn.microsoft.com/en-us/library/ms733806(v=vs.110).aspx
  • 相关阅读:
    JAVAWE第一天
    01--2048实例开篇
    10--动作系统(四)动作类中的reverse方法
    09--动作系统(三)使用持续动作
    08--动作系统(二)使用即时动作
    【转】cocos2d-x windows开发环境配置
    07--动作系统(一)
    06--触摸事件响应
    05--简单场景切换与精灵创建
    04--简单菜单使用
  • 原文地址:https://www.cnblogs.com/atuotuo/p/4347736.html
Copyright © 2011-2022 走看看