WCF中的消息级别安全性 [英] Message level security in WCF
问题描述
据我所知,默认情况下,WCF对"wsHTTPBinding"的所有消息进行加密和签名.那么在WCF中对于"wsHTTPBinding"的消息级安全性的实际需求是什么?另外,How 我可以有选择地定义可以通过身份验证执行哪些操作 客户使用消息级别的安全性?
As per as my knowledge, WCF by default, Encrypts and Signs all messages for "wsHTTPBinding". Then what is the actual need of Message level security in WCF for "wsHTTPBinding"? Also, How can I selectively define which operations can be executed by authenticated client using Message level security?
谢谢.
致谢
ronit_rc
推荐答案
您好,WSHttpBinding使用消息安全性对消息进行加密和签名.邮件的加密和签名是邮件安全性提供的功能.
Hello, WSHttpBinding encrypts and signs messages because it uses message security. The encryption and signing of messages are features provided by message security.
第二个问题似乎是授权问题,而不是身份验证问题.消息安全性不涵盖此范围.以最简单的形式,您可以使用基于角色的授权,如 http://msdn.microsoft.com/en-us/library/ms731200.aspx .对于高级用途,建议使用WIF.参考 http://msdn.microsoft.com/zh-CN/identitytrainingcourse_webservicesandidentitylab2010_topic2 以获取教程.
The second question seems to be an authorization problem instead of authentication problem. This is not covered by message security. In the simplest form, you can use role based authorization as described in http://msdn.microsoft.com/en-us/library/ms731200.aspx. For advanced uses, it is recommended to use WIF. Refer to http://msdn.microsoft.com/en-us/identitytrainingcourse_webservicesandidentitylab2010_topic2 for a tutorial.
这篇关于WCF中的消息级别安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!