使用传输安全模式的 WCF 服务的证书信息

发布于 2024-09-03 13:19:57 字数 464 浏览 1 评论 0原文

使用

我的服务器配置如下：

  <basicHttpBinding>
    <binding name="SecuredBasicBindingCert">
      <security mode="Transport">
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </basicHttpBinding>

正在使用第三方发布/订阅系统，不幸的是，该系统使用 DataPower 进行身份验证如果我使用 WCF 进行此配置，那么我将无法收集任何信息。关于调用者（因为实际上没有发送凭据），

我需要能够找出谁在调用我的服务，而不更改我的配置或要求他们更改其负载。

原文

Is there any way to pull information about which client certificate was used inside of my web service method when using <security mode="Transport>? I sifted through OperationContext.Current but couldn't find anything obvious.

My server configuration is as follows:

  <basicHttpBinding>
    <binding name="SecuredBasicBindingCert">
      <security mode="Transport">
        <message clientCredentialType="Certificate" />
      </security>
    </binding>
  </basicHttpBinding>

I'm working with a third party pub/sub system who is unfortunately using DataPower for authentication. It seems like if I'm using WCF with this configuration, then I'm unable to glean any information about the caller (since no credentials are actually sent).

I somehow need to be able to figure out whose making calls to my service without changing my configuration or asking them to change their payload.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

云雾 2024-09-10 13:19:57

是的，但它不直观。

首先，确保并引用服务库中的 System.IdentityModel 程序集。

现在，将类似于以下内容的内容添加到您想了解客户端证书的服务方法中：

// Find the certificate ClaimSet associated with the client
foreach (ClaimSet claimSet in OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets)
{
    X509CertificateClaimSet certificateClaimSet = claimSet as X509CertificateClaimSet;
    if (certificateClaimSet != null)
    {
        // We found the ClaimSet, now extract the certificate
        X509Certificate2 certificate = certificateClaimSet.X509Certificate;

        // Do something interesting with information contained in the certificate
        Debug.Print("Certificate Subject: " + certificate.Subject);
    }
}

希望这会有所帮助！

Yes, but it's unintuitive.

First, be sure and reference the System.IdentityModel assembly from your service library.

Now, add something similar the following to your service method where you would like to know about the client certificate:

// Find the certificate ClaimSet associated with the client
foreach (ClaimSet claimSet in OperationContext.Current.ServiceSecurityContext.AuthorizationContext.ClaimSets)
{
    X509CertificateClaimSet certificateClaimSet = claimSet as X509CertificateClaimSet;
    if (certificateClaimSet != null)
    {
        // We found the ClaimSet, now extract the certificate
        X509Certificate2 certificate = certificateClaimSet.X509Certificate;

        // Do something interesting with information contained in the certificate
        Debug.Print("Certificate Subject: " + certificate.Subject);
    }
}

Hope this helps!

回复收藏 0 原文

~没有更多了~