如何在 IIS7 中配置 WCF 服务:HTTPS、Sessions、wsHttpBinding (SOAP)
情况:
- 我们有带有 IIS7 的 Windows 2008 Web 服务器,(.NET4)
- 我们只能通过默认的 HTTPS (443) 端口与 Web 服务器进行通信
- 。 NET 网站托管在服务器上,该服务是网站代码的一部分。
- 一些客户端(支持 WCF 的桌面应用程序)希望与我们新的 WCF Web 服务进行通信。
- 双方之间的消息大小可以是 100 - 400 kb
- 我们希望将 WCF 服务保留为 IIS 的一部分。
- 在客户端,我们请求自定义用户名和密码来连接到我们的服务
- 有更长的会话,后面有更多的数据库处理
- 并且有快速的短会话 - 例如来自客户端的 ping
- 客户端密码存储在我们的网络服务器上(来自数据库) - 客户端应根据这些密码进行身份验证。
问题:
1. 根据这些限制,最好使用什么协议?
2. 默认情况下您会使用会话吗?
3. 首先尝试此绑定(它有效,但没有会话支持)
<!--define a SOAP binding-->
<wsHttpBinding>
<binding name="DefaultSOAPBasedHTTPSBinding" maxReceivedMessageSize="400000">
<readerQuotas maxArrayLength="102400" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
启用会话:
<wsHttpBinding>
<binding name="DefaultSOAPBasedHTTPSBinding" maxReceivedMessageSize="400000">
<readerQuotas maxArrayLength="102400" />
<reliableSession enabled="true" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" />
<message clientCredentialType="Certificate"/>
</security>
</binding>
</wsHttpBinding>
我的感觉是,此传输 &消息安全性太多了 - 我的意思是我们真的需要它才能允许与 wsHttpBinding 的会话吗?
The situation:
- We have Windows 2008 web serverse with IIS7, (.NET4)
- We can comminicate with the webserver only through the default HTTPS (443) port
- There is an ASP.NET website hosted on the servers, the service is part of the website code.
- Some clients (desktop applications with WCF support) want to communicate with our new WCF webservice
- Message size between the parties can be 100 - 400 kb
- We'd like to keep the WCF service part of the IIS.
- On client side we request a custom username and password to connect to our service
- There are longer sessions with more DB processign behind
- And there are quick short sessions - like ping from the client
- The client passwords are stored on our webserver (from DB) - clients should be authenticated against these passwords.
Question:
1. From these constraints what would be the best protocol to use?
2. Would you use sessions by default?
3. Tried this binding first (it works, however there is no session support)
<!--define a SOAP binding-->
<wsHttpBinding>
<binding name="DefaultSOAPBasedHTTPSBinding" maxReceivedMessageSize="400000">
<readerQuotas maxArrayLength="102400" />
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
</binding>
</wsHttpBinding>
To enable sessions:
<wsHttpBinding>
<binding name="DefaultSOAPBasedHTTPSBinding" maxReceivedMessageSize="400000">
<readerQuotas maxArrayLength="102400" />
<reliableSession enabled="true" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Basic" />
<message clientCredentialType="Certificate"/>
</security>
</binding>
</wsHttpBinding>
My feeling is that this transport & message securtiy is too much - I mean do we really need this in order to allow sessions with wsHttpBinding?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我建议在每次调用时使用以下绑定配置:
希望有帮助!
I suggest the following binding configuration along with per call:
Hope it helps!
所以,最后我使用了 Session,因为它对性能没有太大影响。这也是我们应该知道如何通过网络服务与我们对话的一个限制。所以我们需要认证。
博德的回答很有帮助 - 然而缺少的是自定义名称和密码验证器:
http://msdn.microsoft.com/en-us/library/aa702565。 aspx
使用此 web.config:
也许它可以帮助某人...
并且在发现这些神奇 WCF 配置问题时,WCF 跟踪也有很大帮助:
So, finally I use Session because it hasn't got too big performance impact. And it was also a constrain that we should know how is talking to us via the webservice. So we need authentication.
Beaud's answer helped a lot - however the missing piece was the custom name and password validaror:
http://msdn.microsoft.com/en-us/library/aa702565.aspx
With this web.config:
Maybe it helps somebody...
And the WCF tracing is also a big help when finding these magic WCF configuration issues: