WCF certificates not being set on custom credentials
I have a custom implementation of ClientCredentials in WCF. Two of the base properties of ClientCredentials are the ClientCertificate and ServiceCertificate, as seen here (MSDN).
In my configuration, I have my custom ClientCredentials set, and both certificates defined:
<endpointBehaviors>
  <behavior name="MyCustomEndpointBehavior">
    <clientCredentials type="MyApp.Security.CentralAuthClientCredentials, MyApp">
      <clientCertificate findValue="localhost" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="My" />
      <serviceCertificate>
        <defaultCertificate findValue="localhost" x509FindType="FindBySubjectName" storeLocation="CurrentUser" storeName="My" />
        <authentication certificateValidationMode="None" revocationMode="NoCheck" />
      </serviceCertificate>
    </clientCredentials>
  </behavior>
</endpointBehaviors>
This configuration was completely 100% working with UserName authentication. It used the certs to encrypt the username and password for the Message. Then I changed to my custom ClientCredentials.
At runtime, here are the properties that are set on my CentralAuthClientCredentials:
this.ClientCertificate = System.ServiceModel.Security.X509CertificateInitiatorClientCredential
this.ClientCertificate.Certificate = null
this.ServiceCertificate = System.ServiceModel.Security.X509CertificateRecipientClientCredential
this.ServiceCertificate.DefaultCertificate = null
So, why are the client and service default certificates that are defined in configuration not set on the actual instantiated object? It looks as if WCF ignored the XML tags completely!
Is there some code I can use, maybe in the constructor of the credentials, to get those certificates from the configuration manually?
Thanks for any help!
Update
I'm an idiot. I figured it out. WCF was actually creating my instance correctly with the certificates set, but in my WCF client, I had the following remove/add series, which I think I copied from the MSDN example:
this.ChannelFactory.Endpoint.Behaviors.Remove<ClientCredentials>();
this.ChannelFactory.Endpoint.Behaviors.Add(new CentralAuthClientCredentials());
return base.Channel.MyServiceMethod();
To remove the old credentials and add my own custom ones. However, this was making a new instance that didn't have the certificates set! Oops!
So that I can mark this as answered, I'm adding my own solution, which was to remove this code from the client that makes a new credential:
and use the one already set by WCF, instead of calling Remove() on it.
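The fix described above, as an added example that is not part of the original post: it reuses the credentials behavior WCF built from configuration, swaps in the custom type only when needed by copying the existing state, and fails fast if either certificate is missing. The class body, its public copy constructor, and the `CredentialGuard`/`EnsureCustom` names are assumptions; the question does not show the real `CentralAuthClientCredentials`.

```csharp
using System;
using System.ServiceModel.Description;

// Stand-in for the question's custom credentials type; its real body is not
// shown on the page. The public copy constructor is an assumption of this example.
public class CentralAuthClientCredentials : ClientCredentials
{
    public CentralAuthClientCredentials() { }

    // The base copy constructor copies the state of the instance WCF built
    // from configuration, certificates included.
    public CentralAuthClientCredentials(ClientCredentials other) : base(other) { }

    protected override ClientCredentials CloneCore()
    {
        return new CentralAuthClientCredentials(this);
    }
}

public static class CredentialGuard  // hypothetical helper name
{
    public static CentralAuthClientCredentials EnsureCustom(ServiceEndpoint endpoint)
    {
        // Find<T>() matches derived types, so this returns whatever credentials
        // behavior is currently on the endpoint.
        ClientCredentials existing = endpoint.Behaviors.Find<ClientCredentials>();
        var custom = existing as CentralAuthClientCredentials;

        if (custom == null)
        {
            // Swap only when the configured behavior is not already the custom
            // type, and copy its state instead of starting from an empty instance.
            custom = existing != null
                ? new CentralAuthClientCredentials(existing)
                : new CentralAuthClientCredentials();
            endpoint.Behaviors.Remove<ClientCredentials>();
            endpoint.Behaviors.Add(custom);
        }

        // Fail fast rather than discovering null certificates on the first call.
        if (custom.ClientCertificate.Certificate == null)
            throw new InvalidOperationException("Client certificate was not loaded.");
        if (custom.ServiceCertificate.DefaultCertificate == null)
            throw new InvalidOperationException("Default service certificate was not loaded.");
        return custom;
    }
}
```

Call `CredentialGuard.EnsureCustom(this.ChannelFactory.Endpoint)` before the channel factory is opened. The helper keeps whatever validation settings were configured, so with the question's `certificateValidationMode="None"` the service certificate is still not validated.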