数字签名在WCF SOAP消息 [英] Digital Signature for SOAP message in WCF

问题描述

我在4.0 WCF服务。

I have a WCF service in 4.0.

我需要数字签名添加到SOAP response.I不太清楚它是如何真正应该做的。我认为，应对应是什么样子显示在下面的链接。

I need to add digital signature to the SOAP response.I am not quite sure how it actually should be done. I believe the Response should look like what is shown in the link below.

<一个href="https://spaces.internet2.edu/display/ISWG/Signed+SOAP+Messages">https://spaces.internet2.edu/display/ISWG/Signed+SOAP+Messages

有没有在那里我能得到这个信息的任何地方吗？ 请指点。

Is there any place where i can get details about this? Please advice.

推荐答案

一个消息合同可以指示是否该邮件的标题和/或机构应进行数字签名和加密。

A message contract can indicate whether the headers and/or body of the message should be digitally signed and encrypted.

这是通过设置System.ServiceModel.MessageContractMemberAttribute.ProtectionLevel财产上的MessageHeaderAttribute和MessageBodyMemberAttribute属性进行。的属性是System.Net.Security.ProtectionLevel类型的枚举，并且可以设置为无（不加密或签名），注册（数字签名只），或EncryptAndSign（加密和数字签名）。默认值是EncryptAndSign。

This is done by setting the System.ServiceModel.MessageContractMemberAttribute.ProtectionLevel property on the MessageHeaderAttribute and MessageBodyMemberAttribute attributes. The property is an enumeration of the System.Net.Security.ProtectionLevel type and can be set to None (no encryption or signature), Sign (digital signature only), or EncryptAndSign (both encryption and a digital signature). The default is EncryptAndSign.

有关这些安全功能正常工作，必须正确配置的约束和行为。如果您使用这些安全特性，如果没有适当的配置（例如，尝试不提供您的凭据登录信息），抛出一个异常，在验证时间。

For these security features to work, you must properly configure the binding and behaviors. If you use these security features without the proper configuration (for example, attempting to sign a message without supplying your credentials), an exception is thrown at validation time.

有关消息头，保护级别分别为每头确定。

For message headers, the protection level is determined individually for each header.

有关消息的身体部位，所述保护等级可被认为是最低保护水平。本体只有一个保护水平，而不管身体部位的数量。身体的保护级别是所有身体部位的最高ProtectionLevel属性设置确定。但是，您应该将身体的每个部位所需要的实际最低保护等级的保护级别。请参阅这个文章更详细的例子。

For message body parts, the protection level can be thought of as the "minimum protection level." The body has only one protection level, regardless of the number of body parts. The protection level of the body is determined by the highest ProtectionLevel property setting of all the body parts. However, you should set the protection level of each body part to the actual minimum protection level required. Please see this article for more detailed examples.

这篇关于数字签名在WCF SOAP消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！