宁静的帖子和证书验证 [英] Restful Post and Certificate Validation
问题描述
大家好,
最近几天,我正在努力使WCF服务正常工作.我不知道这哪里出错了,因为我无法从WCF跟踪日志等获取信息.我有如下服务代码
公共接口IAuthenticatedMessageService
{
[OperationContract]
[WebInvoke(
Method ="POST",
BodyStyle = WebMessageBodyStyle.Bare,
UriTemplate ="Upload")]
void Upload(Stream data);
}
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
公共类AuthenticatedMessageService:IAuthenticatedMessageService
{
public void Upload(流数据)
{
StreamReader sr = new StreamReader(data);
File.WriteAllText(@"C:\ WUTEMP \ NAZ_STREAMTEST.xml",sr.ReadToEnd());
}
}
我有以下配置:
< system.serviceModel>
< serviceHostingEnvironment aspNetCompatibilityEnabled ='true'></serviceHostingEnvironment>
< bindings>
< webHttpBinding>
< binding name =" WebConfiguration"
maxBufferSize ="65536"
maxReceivedMessageSize ="2000000000"
transferMode =流式"
<安全模式=运输">
< transport clientCredentialType =证书"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<行为>
< endpointBehaviors>
<行为名称="WebBehavior">
< webHttp/>
</行为>
</endpointBehaviors>
< serviceBehaviors>
<行为名称=" AuthenticatedMessageService.Service1Behavior"
< serviceMetadata httpGetEnabled ="true" httpsGetEnabled ="true"; />
< serviceDebug includeExceptionDetailInFaults ="true" />
< serviceCredentials>
< serviceCertificate findValue =" ServiceSideCertificate" x509FindType ="FindBySubjectName"; storeLocation ="LocalMachine" storeName =我的"</serviceCertificate>
</serviceCredentials>
</行为>
</serviceBehaviors>
</行为>
<服务>
<服务名称="AuthenticatedMessageService.AuthenticatedMessageService"; behaviorConfiguration =" AuthenticatedMessageService.Service1Behavior">
<端点
address =''
binding ='"webHttpBinding"
behaviorConfiguration ="WebBehavior"
bindingConfiguration ="WebConfiguration"
contract ="AuthenticatedMessageService.IAuthenticatedMessageService"; >
</endpoint>
</service>
</services>
</system.serviceModel>
客户代码:
X509Certificate2 Cert =新的X509Certificate2(@"C:\ Projects \ Dummy Tests \ AuthenticatedMessageService \ WebClientToTest \ clientCert.cer");
Uri地址=新的Uri("http://localhost/AuthenticatedMessageService/AuthenticatedMessageService.svc/Upload");
//创建网络请求
HttpWebRequest request = WebRequest.Create(address)as HttpWebRequest;
request.ClientCertificates.Add(Cert);
request.UserAgent =客户端证书示例";
//将类型设置为POST
request.Method ="POST" ;;
request.ContentType ="application/x-www-form-urlencoded";
//创建我们要发送的数据
字符串数据="{\" SomeData \:\" someTestData \}}";
//为我们要发送的数据创建字节数组
byte [] byteData = UTF8Encoding.UTF8.GetBytes(data);
//在请求标头中设置内容长度
request.ContentLength = byteData.Length;
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);
//写入数据
使用(Stream postStream = request.GetRequestStream())
{
postStream.Write(byteData,0,byteData.Length);
}
问题:如果我从配置文件中删除以下段,并且还从IIS7中删除了SSL设置,则我的服务可以正常工作并保存流数据.
<安全模式=运输">
< transport clientCredentialType =证书"/>
</security>
我想使用此服务来验证客户证书.有人可以帮忙吗?
此致
Naz
Hi Naz,
据我了解,您想使用SSL保护wcf,并通过证书身份验证来更改客户端.
有些文章可能会帮助您实现这一目标
方法:在Windows窗体的WCF调用中使用证书身份验证和传输安全性
http://msdn.microsoft.com/en-us/library/ff650785 .aspx具有证书身份验证的传输安全性
http://msdn.microsoft.com/en-us/library/ms731074 .aspx
Hi Guys,
Last few days, I am struggling to make WCF service work. I have no idea where does this go wrong as I cant get information from WCF trace logs etc. I have service code as follows
public interface IAuthenticatedMessageService
{
[OperationContract]
[WebInvoke(
Method = "POST",
BodyStyle = WebMessageBodyStyle.Bare,
UriTemplate = "Upload")]
void Upload(Stream data);
}
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class AuthenticatedMessageService : IAuthenticatedMessageService
{
public void Upload(Stream data)
{
StreamReader sr = new StreamReader(data);
File.WriteAllText(@"C:\WUTEMP\NAZ_STREAMTEST.xml", sr.ReadToEnd());
}
}
I have following configuration:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled ="true"></serviceHostingEnvironment>
<bindings>
<webHttpBinding>
<binding name="WebConfiguration"
maxBufferSize="65536"
maxReceivedMessageSize="2000000000"
transferMode="Streamed">
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
</security>
</binding>
</webHttpBinding>
</bindings>
<behaviors>
<endpointBehaviors>
<behavior name="WebBehavior">
<webHttp/>
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="AuthenticatedMessageService.Service1Behavior">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceCredentials>
<serviceCertificate findValue="ServiceSideCertificate" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My"></serviceCertificate>
</serviceCredentials>
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service name="AuthenticatedMessageService.AuthenticatedMessageService" behaviorConfiguration="AuthenticatedMessageService.Service1Behavior">
<endpoint
address=""
binding="webHttpBinding"
behaviorConfiguration="WebBehavior"
bindingConfiguration="WebConfiguration"
contract="AuthenticatedMessageService.IAuthenticatedMessageService" >
</endpoint>
</service>
</services>
</system.serviceModel>
Client Code:
X509Certificate2 Cert = new X509Certificate2(@"C:\Projects\Dummy Tests\AuthenticatedMessageService\WebClientToTest\clientCert.cer");
Uri address = new Uri("http://localhost/AuthenticatedMessageService/AuthenticatedMessageService.svc/Upload");
// Create the web request
HttpWebRequest request = WebRequest.Create(address) as HttpWebRequest;
request.ClientCertificates.Add(Cert);
request.UserAgent = "Client Cert Sample";
// Set type to POST
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
// Create the data we want to send
string data = "{\"SomeData\":\"someTestData\"}";
// Create a byte array of the data we want to send
byte[] byteData = UTF8Encoding.UTF8.GetBytes(data);
// Set the content length in the request headers
request.ContentLength = byteData.Length;
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);
// Write data
using (Stream postStream = request.GetRequestStream())
{
postStream.Write(byteData, 0, byteData.Length);
}
PROBLEM: My service works and save stream data if i remove following segment from the configuration file and also remove SSL setting from IIS7.
<security mode="Transport">
<transport clientCredentialType="Certificate"/>
</security>
I would like to validate Client Certificate using this service. Could someone help please?
Regards,
Naz
解决方案Hi Naz,
As I understand, you want to secure your wcf with SSL, and varify the clients by certificate authentication.
Here are some articles may help you to achieve this
How to: Use Certificate Authentication and Transport Security in WCF Calling from Windows Forms
http://msdn.microsoft.com/en-us/library/ff650785.aspxTransport Security with Certificate Authentication
http://msdn.microsoft.com/en-us/library/ms731074.aspx
这篇关于宁静的帖子和证书验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文