没有 SSL 的 WCF 身份验证 [英] WCF Authentication WITHOUT SSL

问题描述

有没有办法在不实际设置 SSL 证书的情况下设置身份验证(ala基本身份验证")?我还想在 REST 或常规 SOAP WCF 服务中执行此操作，最好在 REST 中执行此操作，但希望能够混合这些服务.换句话说，我希望能够像基本身份验证一样发送常规的旧用户名和密码，但没有 SSL."有没有办法做到这一点?

Is there a way to setup authentication (ala "Basic Authentication") without actually setting up an SSL Certificate? I'd also like to do this in REST or regular SOAP WCF Services, preferably in REST, but would like to be able to mix the services. In other words, "I want to be able to send a regular old username and password just like in Basic Authentication but without the SSL." Is there a way to do this?

推荐答案

使用 TransportCredentialOnly 安全模式.这篇文章解释了如何做到这一点:

Use TransportCredentialOnly security mode. This post explains how to do it:

http://developers.de/blogs/damir_dobric/存档/2006/07/31/890.aspx.

不要忘记您还必须在 IIS 中启用基本身份验证.

Don't forget that you also have to enable basic authentication in IIS.

这篇关于没有 SSL 的 WCF 身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！