WCF 4 Web服务中的UsernameToken和SSL [英] UsernameToken and SSL in WCF 4 web service

问题描述

我正在创建一个Web服务，该服务将被世界另一部分的单个客户端使用.我对他们正在使用的技术没有任何知识或控制权，但已被要求

I am creating a web service that will be consumed by a single client in another part of the world. I don't have any knowledge or control over the technology they are using but have been asked to

"在传输过程中使用SSL加密邮件，并使用UsernameToken 用于客户端身份验证"

"use SSL to encrypt the message during transport and use UsernameToken for client authentication"

我打算使用WCF4来创建服务，并且通常知道如何进行全部设置.但是，我一直在努力寻找绑定等的正确配置.Google在WSE 3.0方面给了我很多结果，但是我很确定(如果我错了，请更正)我不应该在WCF中使用WSE服务.

I'm planning to use WCF4 to create the service and know generally how to set this all up. However I'm struggling to find the correct configuration for bindings etc. Google gives me lots of results around WSE 3.0 but I'm pretty sure (please correct me if I'm wrong) that I shouldn't be using WSE for a WCF service.

这篇文章最初似乎建议我应该使用自定义绑定，但同时又说我应该考虑将WCF系统定义的绑定与适当的安全设置一起使用，而不是创建自定义绑定".但是，我看不到任何应有的示例.

This article initially seems to suggest I should be using a custom binding but then also says I should "consider using the WCF system-defined bindings with appropriate security settings instead of creating a custom binding". However I can't see any examples of what this should be.

如果有人能指出正确的方向，我将不胜感激.

I would be grateful if anyone can point me in the right direction.

tl; dr :什么是支持SSL和UsernameToken的WCF4配置设置?

tl;dr: What are the WCF4 config settings to support SSL and UsernameToken?

推荐答案

看看WsHttpBinding.您可以使用TransportWithMessageCredential的安全模式来使用SSL和UserName的消息凭据.如果您在IIS中托管，请在此处设置SSL.

Take a look at the WsHttpBinding. You can use a security mode of TransportWithMessageCredential to use SSL and a message credential of UserName. If you are hosting in IIS set up SSL there.

您可以按以下步骤在config中设置绑定.

You can set up the binding in config as follows.

<bindings>
  <wsHttpBinding>
    <binding name="secureBinding">
      <security mode="TransportWithMessageCredential">
        <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
        <message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="false" />
      </security>
    </binding>
  </wsHttpBinding>
</bindings>

然后您可以按以下方式使用此绑定配置

You can then use this binding config as follows

<services>
  <service name="ServiceName">
    <endpoint address="" binding="wsHttpBinding" contract="ContractType" bindingConfiguration="secureBinding" />
  </service>
</services>

这两个元素都是config中system.serviceModel元素的子元素.

Both these elements are children of the system.serviceModel element in config.

这篇关于WCF 4 Web服务中的UsernameToken和SSL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！