WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

时间:2021-10-22 15:41:01

原创地址:http://www.cnblogs.com/jfzhu/p/4071342.html

转载请注明出处

前面文章介绍了《WCF basicHttpBinding之Message Security Mode》如何basicHttpBinding的Message Security Mode,并且clientCredentialType用的是certificate。

本文演示basicHttpbinding使用Transport Security Mode,并且clientCredentialType="None"。

(一)WCF 服务代码与配置文件

IDemoService.cs

using System.ServiceModel;

namespace WCFDemo

{

    [ServiceContract(Name = "IDemoService")]

    public interface IDemoService

    {

        [OperationContract]

        [FaultContract(typeof(DivideByZeroFault))]

        int Divide(int numerator, int denominator);

    }

}

DemoService.cs

using System;

using System.ServiceModel;

using System.ServiceModel.Activation;

namespace WCFDemo

{

    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]

    public class DemoService : IDemoService

    {

        public int Divide(int numerator, int denominator)

        {

            try

            {

                return numerator / denominator;

            }

            catch (DivideByZeroException ex)

            {

                DivideByZeroFault fault = new DivideByZeroFault();

                fault.Error = ex.Message;

                fault.Detail = "Denominator cannot be ZERO!";

                throw new FaultException<DivideByZeroFault>(fault);

            }

        }

    }

}

完整的代码也可以参见《WCF服务创建与抛出强类型SOAP Fault》

server web.config

<?xml version="1.0"?>

<configuration>

    <system.web>

      <compilation debug="true" targetFramework="4.0" />

    </system.web>

    <system.serviceModel>

      <bindings>

        <basicHttpBinding>

          <binding name="basicBinding">

            <security mode="Transport">

              <transport clientCredentialType="None" />

            </security>

          </binding>

        </basicHttpBinding>

      </bindings>

      <services>

        <service name="WCFDemo.DemoService" behaviorConfiguration="CustomBehavior">

          <endpoint address="DemoService" binding="basicHttpBinding" contract="WCFDemo.IDemoService" bindingConfiguration="basicBinding" />

          <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>

        </service>

      </services>

        <behaviors>

            <serviceBehaviors>

                <behavior name="CustomBehavior">

                    <serviceMetadata httpsGetEnabled="true" />

                    <serviceDebug includeExceptionDetailInFaults="false" />

                </behavior>

            </serviceBehaviors>

        </behaviors>

        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />

    </system.serviceModel>

</configuration>

(二)为WCF Service application添加一个https binding。

具体作法参见《Step by Step 配置使用HTTPS的ASP.NET Web应用》

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

配置完https binding之后,双击SSL Settings

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

勾选Require SSL,点击Apply。

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

Http的Binding还是不可缺少,否则会出现下面的错误

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

(三)在客户端安装SSL根证书

由于https证书使用的是

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

所以我们使用的WCF Service URL为 https://win-ounm08eqe64.henry.huang/DemoService.svc

在客户端,为C:\Windows\System32\Drivers\etc\host 添加一条记录

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

然后安装根证书

双击根证书文件,弹出证书属性的对话框,此时该根证书并不受信任,我们需要将其加入“受信任的根证书颁发机构”,点击安装证书

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

(四)客户端代码与配置文件

在客户端Visual Studio添加Service Reference

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

private void buttonCalculate_Click(object sender, EventArgs e)

{

    try

    {

        textBoxResult.Text = demoServiceClient.Divide(Convert.ToInt32(textBoxNumerator.Text), Convert.ToInt32(textBoxDenominator.Text)).ToString();

    }

    catch (FaultException<DemoServiceReference.DivideByZeroFault> fault)

    {

        MessageBox.Show(fault.Detail.Error + " - " + fault.Detail.Detail);

    }

}

client app.config

<?xml version="1.0" encoding="utf-8" ?>

<configuration>

    <system.serviceModel>

        <bindings>

            <basicHttpBinding>

                <binding name="BasicHttpBinding_IDemoService">

                    <security mode="Transport" />

                </binding>

            </basicHttpBinding>

        </bindings>

        <client>

            <endpoint address="https://win-ounm08eqe64.henry.huang/DemoService.svc/DemoService"

                binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDemoService"

                contract="DemoServiceReference.IDemoService" name="BasicHttpBinding_IDemoService" />

        </client>

    </system.serviceModel>

</configuration>

(五)运行代码,监听Message

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

使用Fiddler,发现消息全部加密

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

但是如果用Microsoft Service Trace Viewer查看Message Log(参见《使用WCF的Trace与Message Log功能 》),可以看到解密后的信息,因为它不是在wire上监听,而Fiddler是在wire上进行监听。

Request:

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

Response:

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

(六)总结

Transport Security Mode是传输协议级的加密,而Message Security Mode是对消息级别的加密。每种协议都有自己对应的传输协议级的加密方式,比如HTTP的加密方式就为SSL。

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"的更多相关文章

  1. WCF wsHttpBinding之Transport security Mode&comma; clientCredentialType&equals;”Basic”

    原创地址:http://www.cnblogs.com/jfzhu/p/4071342.html 转载请注明出处 如何在WCF中使用Transport Security Mode,以及如何创建证书,请 ...

  2. WCF basicHttpBinding之Message Security Mode

    原创地址:http://www.cnblogs.com/jfzhu/p/4067873.html 转载请注明出处 前面的文章<WCF Security基本概念>介绍了WCF的securit ...

  3. iOS App 不支持http协议 App Transport Security has blocked a cleartext HTTP &lpar;http&colon;&sol;&sol;&rpar;

    目前iOS已经不支持http协议了,不过可以通过info.plist设置允许 App Transport Security has blocked a cleartext HTTP (http://) ...

  4. App Transport Security has blocked a cleartext HTTP &lpar;http&colon;&sol;&sol;&rpar; resource load since it is insecure&period; Temporary exceptions can be configured via your app&&num;39&semi;s Info&period;plist file

    ios进行http请求,会出现这个问题: App Transport Security has blocked a cleartext HTTP (http://) resource load sin ...

  5. App Transport Security has blocked a cleartext HTTP &lpar;http&colon;&sol;&sol;&rpar;

    使用SDWebImage加载“http://”开头的图片报错,错误如下: App Transport Security has blocked a cleartext HTTP (http://) r ...

  6. iOS9中的App Transport Security

    问题:webView加载网页加载不出来 原因:苹果在iOS9 sdk中加入了App Transport Security限制(iOS9以前的iOS sdk默认关闭ATS),默认强制使用https,并且 ...

  7. 网络请求报错:The resource could not be loaded because the App Transport Security policy requires the use of a secure connection&period;

    iOS9引入了新特性App Transport Security (ATS).详情:App Transport Security (ATS) 如果你想设置不阻止任何网络,只需要在info.plist文 ...

  8. IOS开发 App Transport Security has blocked a cleartext HTTP &lpar;http&colon;&sol;&sol;&rpar; resource load since it is insecure&period; Temporary exceptions can be configured via your app&&num;39&semi;s Info&period;plist file&period;

    xcode自7后不再使用http,而是使用https请求,但目前很多网络请求还只是以http请求,我们可以这样解决 info.plist->添加@“App Transport Security ...

  9. App Transport Security has blocked a cleartext

    错误描述: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecu ...

随机推荐

  1. 顺序栈的c&plus;&plus;实现及利用其实现括号的匹配

    #include<iostream>#include<cassert>#include<cstring>#include<string>using na ...

  2. 用 Qt 中的 QDomDocument类 处理 XML 文件(上)

      我们可以看到,如果所要读取的XML文件不是很大,采用DOM读取方法还是很便捷的,由于我用的也是DOM树读取的方法,所以,本文所介绍的也主要是基于DOM的方法读取. 根据常用的操作,我简单的把对XM ...

  3. Letter Combinations of a Phone Number:深度优先和广度优先两种解法

    Letter Combinations of a Phone Number Given a digit string, return all possible letter combinations ...

  4. sourcetree 修改文件后提交上去,文件丢失

    提交sourcetree 修改后,图片资源提交上去了,json文件没提交上去,原因是本地finder隐藏文件.gitignore_global中把一些文件类型都隐藏了不让提交. 具体使用default ...

  5. python第一百零九天---Django 4

    session :1. Session 基于Cookie做用户验证时:敏感信息不适合放在cookie中 a. Session原理 Cookie是保存在用户浏览器端的键值对 Session是保存在服务器 ...

  6. zookeeper&colon; zkServer&period;sh status没有到主机的路由

    zookeeper: zkServer.sh status没有到主机的路由 没有到主机的路由这种问题很常见,多数是由机器的防火墙没有关闭. Ubuntu查看防火墙状态ufw status 关闭防火墙u ...

  7. 稳定获取Android设备唯一码(UUID)的解决方案

    最近做的一个项目中需要用到Android设备唯一码(UUID)来标识一台设备, Android中设备唯一码有很多,如:MAC地址.IMEI号(DeviceId).IMSI号.ANDROID_ID.序列 ...

  8. APP中https证书有效性验证引发安全问题(例Fiddler可抓https包)

    原文: https://blog.csdn.net/woddle/article/details/71175140 在实际项目代码审计中发现,目前很多手机银行虽然使用了https通信方式,但是只是简单 ...

  9. PL&sol;SQL 日期时间类型函数及运算

    内部存储格式: 世纪.年.月.日.小时.分钟.秒 默认格式是:DD-MON-RR. SYSDATE 返回当前的系统时间. SELECT SYSDATE FROM DUAL: 对日期的数学运算 SELE ...

  10. 大数据开发实战:Hive优化实战2-大表join小表优化

    4.大表join小表优化 和join相关的优化主要分为mapjoin可以解决的优化(即大表join小表)和mapjoin无法解决的优化(即大表join大表),前者相对容易解决,后者较难,比较麻烦. 首 ...

相关文章