zoukankan      html  css  js  c++  java
  • WCF 安全

    WCF 采用wsHttpBinding

    服务端配置 

    View Code 
     <system.serviceModel>
        <services>
          <service name="WcfService1.Service1" behaviorConfiguration="WcfService1.Service1Behavior">
            <endpoint address="" binding="wsHttpBinding"  contract="WcfService1.IService1" bindingConfiguration="fafaf">
              <identity>
                <dns value="localhost"/>
              </identity>
            </endpoint>
            <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
          </service>
        </services>
        <bindings>
          <wsHttpBinding>
            <binding name="fafaf">
              <security mode="Message">
                <message clientCredentialType="Certificate" establishSecurityContext="true" negotiateServiceCredential="true"/>

              </security>
            </binding>

          </wsHttpBinding>
        </bindings>
        <behaviors>
          <serviceBehaviors>
            <behavior name="WcfService1.Service1Behavior">
              <serviceMetadata httpGetEnabled="true"/>
              <!-- 要接收故障异常详细信息以进行调试,请将以下值设置为 true。在部署前设置为 false 以避免泄漏异常信息 -->
              <serviceDebug includeExceptionDetailInFaults="false"/>
              <serviceCredentials  >
                <serviceCertificate storeLocation="LocalMachine" findValue="www.artech.com" storeName="My" x509FindType="FindBySubjectName"/>
                <clientCertificate>
                  <authentication certificateValidationMode="PeerOrChainTrust" />
                </clientCertificate>
              </serviceCredentials>
            </behavior>
          </serviceBehaviors>
        </behaviors>
      </system.serviceModel>

    客户端配置:

     View Code

     
      <system.serviceModel>
        <bindings>
          <wsHttpBinding>
            <binding name="WSHttpBinding_IService1" closeTimeout="00:01:00"
              openTimeout
    ="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
              bypassProxyOnLocal
    ="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard"
              maxBufferPoolSize
    ="524288" maxReceivedMessageSize="65536" messageEncoding="Text"
              textEncoding
    ="utf-8" useDefaultWebProxy="true" allowCookies="false">
              <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                maxBytesPerRead
    ="4096" maxNameTableCharCount="16384" />
              <reliableSession ordered="true" inactivityTimeout="00:10:00"
                enabled
    ="false" />
              <security mode="Message">
                <!--<transport clientCredentialType="Windows" proxyCredentialType="None"
                  realm="" />
    -->
                <message clientCredentialType="Certificate" negotiateServiceCredential="true"
                  algorithmSuite
    ="Default" />
              </security>
            </binding>
          </wsHttpBinding>
        </bindings>
        <client>
          <endpoint address="http://192.168.67.64:8024/Service1.svc" behaviorConfiguration="endpointBehavior"
            binding
    ="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1"
            contract
    ="ServiceReference1.IService1" name="WSHttpBinding_IService1">
            <identity>
              <dns value="www.artech.com" />
            </identity>
          </endpoint>
        </client>
        <behaviors>
          <endpointBehaviors>
            <behavior name="endpointBehavior">
              <clientCredentials>
                <clientCertificate storeName="My" x509FindType="FindBySubjectName"findValue="localhost" storeLocation="LocalMachine"/>
                <serviceCertificate >
                  <authentication certificateValidationMode="PeerOrChainTrust"/>
                </serviceCertificate>
              </clientCredentials>
            </behavior>
          </endpointBehaviors>
        </behaviors>
      </system.serviceModel

    作 者:清水无鱼
    出 处:http://www.cnblogs.com/wzpo/
    本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面 明显位置给出原文连接,否则保留追究法律责任的权利。
  • 相关阅读:
    deb 和 rpm 后缀文件 区别和安装
    20.pipe
    19.Observales
    18.4 运行脚本 sudo ./launcher.sh 必须先给他权限 才能使用
    18.3 redis 的安装
    18.2 不同用户 不同颜色光标 redis
    18.1利用socket .io 实现 editor间代码的同步
    18. socket io
    java 设计模式
    Gson 2.8.jar基础
  • 原文地址:https://www.cnblogs.com/wzpo/p/2385659.html
Copyright © 2011-2022 走看看