如何设置SSL Web服务? [英] How do I set up an SSL web service?
问题描述
这让我很头疼:
我有一个网络服务我的Web应用程序中的服务联系人。我需要做的就是将它作为SSL Web服务使用,不允许通过不安全的http访问。
我认为我的问题是web.config和app.config对于我的单元测试项目。
这是我目前的Web.config的化身:
< system.serviceModel >
< bindings >
< basicHttpBinding >
< binding name = basicHttpsBinding maxReceivedMessageSize = 524288000 >
< security mode = 运输 >
< transport clientCredentialType = 无 proxyCredentialType < span class =code-keyword> = 无 领域 = / >
< 消息 clientCredentialType = 证书 algorithmSuite = 默认 / >
< / security >
< / binding >
< binding name = mexHttpBinding maxReceivedMessageSize = 524288000 / >
< / basicHttpBinding >
< / bindings >
< 服务 >
< service name = fw.Services.AServiceAccess >
< endpoint 地址 = binding = basicHttpBinding 合同 = fw.Services.IAServiceAccess bindingConfiguration = basicHttpsBinding >
< / endpoint >
< / service >
< / services >
< / system.serviceModel >
,这是我的app.config
< 配置 >
< system.net >
< 设置 >
< servicePointManager checkCertificateName = false checkCertificateRevocationList = false / >
< / settings >
< / system.net >
< system.s erviceModel >
< 绑定 >
< basicHttpBinding >
< binding name = BasicHttpBinding_IAServiceAccess / >
< / basicHttpBinding >
< / bindings >
< client >
< endpoint 地址 = https://www.fw .codep.co.uk / Services / AServiceAccess.svc
binding = basicHttpBinding bindingConfiguration = BasicHttpBinding_IAServiceAccess
合同 = ASecureAccessService.IAServiceAccess
name = BasicHttpBinding_IAServiceAccess / >
< / client < span class =code-keyword>>
< / system.serviceModel >
< /配置 >
我确实让服务工作了带有大量请求的标准http。如果我在addess中使用https,则会收到错误:
调试跟踪:
TestCorrectDetails:AssemblyInit {0}
AssemblyCleanup
测试方法FlightWatchUnitTests.Application.WebInterface.Services.AirlineServiceAccessTest.TestCorrectDetails抛出异常:
System.ServiceModel.Security.MessageSecurityException:HTTP请求被禁止使用客户端身份验证方案Anonymous。 ---> System.Net.WebException:远程服务器返回错误:(403)Forbidden。
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End内部异常堆栈跟踪---
默认子域是dev。但我有www。 (和其他人)设置为有效的子域名。
我用google搜索很长很难但几乎所有WCF Web服务实例都没有设置我完成它的方式,配置设置让我的头受伤> _<
任何人都可以帮我恢复正常吗?
谢谢^ _ ^
Andy
编辑:更新的配置和错误信息到最新问题
现在启用匿名身份验证并尝试下面的web.config:
服务器配置:
< configuration > ;
< system.serviceModel >
< bindings >
< basicHttpBinding >
< binding name = basicHttpsBinding maxReceivedMessageSize = < span class =code-keyword> 524288000 >
< 安全性 mode = 传输 >
< transport clientCredentialType = 无 proxyCredentialType = 无 realm = / >
< ; 消息 clientCredentialType < span class =code-keyword> = 证书 algorithmSuite = 默认 / >
< / security >
< / binding >
< binding 名称 = mexHttpBinding maxReceivedMessageSize = 524288000 / >
& lt; / basicHttpBinding >
< / bindings >
< 服务 >
< service name = fw.Services.AServiceAccess >
< endpoint 地址 = https:/ /www.fw.codep.co.uk/Services/AServiceAccess.svc\"
binding = basicHttpBinding bindingConfiguration = basicHttpsBinding
< span class =code-attribute> 合同 = fw.Services.IAServiceAccess / >
< / servi ce >
< / services >
< / system.serviceModel >
< / configuration >
客户端配置:
< 配置 >
< system。 net >
< 设置 >
< servicePointManager checkCertificateName = false checkCertificateRevocationList = false / >
< / settings >
< / system.net >
< system.serviceModel >
< 绑定 &g t;
< basicHttpBinding >
< binding 名称 = BasicHttpBinding_IAServiceAccess maxReceivedMessageSize = 524288000 >
< security mode = 传输 >
< transport clientCredentialType = 无 proxyCredentialType = 无 realm = / >
< ; 消息 clientCredentialType < span class =code-keyword> = 证书 algorithmSuite = 默认 / >
< / security >
< / binding >
< / basicHttpBinding >
< / bindings >
< client < span class =code-keyword>>
< endpoint 地址 = https://www.fw.codep.co.uk/Services/AServiceAccess.svc
binding = basicHttpBinding bindingConfiguration = BasicHttpBinding_IAServiceAccess
contract = ASecureAccessService.IAServiceAccess
name = BasicHttpBinding_IAServiceAccess / >
< / client >
< / system.serviceModel >
< / configuration > 跨度>
Hi,
This is giving me a headache:
I have a web service with a service contact in my web application. All I need to do is consume it as an SSL web service and not allow access via unsecured http.
I think my issue is the web.config and app.config for my unit test project.
Here is my current incarnation of Web.config:
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="basicHttpsBinding" maxReceivedMessageSize="524288000">
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm="" />
<message clientCredentialType="Certificate" algorithmSuite="Default"/>
</security>
</binding>
<binding name="mexHttpBinding" maxReceivedMessageSize="524288000" />
</basicHttpBinding>
</bindings>
<services>
<service name="fw.Services.AServiceAccess">
<endpoint address="" binding="basicHttpBinding" contract="fw.Services.IAServiceAccess" bindingConfiguration="basicHttpsBinding">
</endpoint>
</service>
</services>
</system.serviceModel>
and here is my app.config
<configuration>
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IAServiceAccess" />
</basicHttpBinding>
</bindings>
<client>
<endpoint address="https://www.fw.codep.co.uk/Services/AServiceAccess.svc"
binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IAServiceAccess"
contract="ASecureAccessService.IAServiceAccess"
name="BasicHttpBinding_IAServiceAccess" />
</client>
</system.serviceModel>
</configuration>
I did get the service working with standard http with large requests. If I use https in the addess I get the error:
Debug Trace:
TestCorrectDetails: AssemblyInit {0}
AssemblyCleanup
Test method FlightWatchUnitTests.Application.WebInterface.Services.AirlineServiceAccessTest.TestCorrectDetails threw exception:
System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
The default subdomain is dev. but I have www. (and others) set as valid subdomains.
I have googled long and hard but almost all instances of WCF web services are not set up the way I have done it, and config settings make my head hurt >_<
Can anyone help me get back on track with this?
Thanks ^_^
Andy
EDIT: Updated configs and error message to latest issue
Enable Anonymous Authentication for now and try the web.config below:
Server config:
<configuration> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="basicHttpsBinding" maxReceivedMessageSize="524288000"> <security mode="Transport"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="Certificate" algorithmSuite="Default"/> </security> </binding> <binding name="mexHttpBinding" maxReceivedMessageSize="524288000" /> </basicHttpBinding> </bindings> <services> <service name="fw.Services.AServiceAccess"> <endpoint address="https://www.fw.codep.co.uk/Services/AServiceAccess.svc" binding="basicHttpBinding" bindingConfiguration="basicHttpsBinding" contract="fw.Services.IAServiceAccess" /> </service> </services> </system.serviceModel> </configuration>
Client config:
<configuration> <system.net> <settings> <servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/> </settings> </system.net> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_IAServiceAccess" maxReceivedMessageSize="524288000"> <security mode="Transport"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="Certificate" algorithmSuite="Default"/> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://www.fw.codep.co.uk/Services/AServiceAccess.svc" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IAServiceAccess" contract="ASecureAccessService.IAServiceAccess" name="BasicHttpBinding_IAServiceAccess" /> </client> </system.serviceModel> </configuration>
这篇关于如何设置SSL Web服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!