WCF:如何使用AllowInsecureTransport
在.NET 4 WCF 的上下文中,我尝试使用新的AllowInsecureTransport 属性,以便我可以在不使用SSL 的情况下使用自定义身份验证(仅在我们的开发环境中 - 我们在生产中使用SSL)。
我的绑定配置如下所示:
<bindings>
<wsHttpBinding>
<binding name="CustomAuthentication">
<security mode="TransportWithMessageCredential" allowInsecureTransport="true">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
但是,我收到无法识别的属性“allowInsecureTransport”错误。 此属性在此中进行了描述线程,并有帮助msdn。
有人可以帮助我了解我对 WCF 配置选项的相当无知的知识,并为我指明正确的方向吗?
我不想使用 ClearUsernameBinding 如此处,但如果没有其他内置选项,则会这样做。
Within the context of .NET 4 WCF, I am attempting to use the new AllowInsecureTransport attribute so that I can use my custom authentication without using SSL (in our development environment only - we are using SSL in production).
My bindings config looks like:
<bindings>
<wsHttpBinding>
<binding name="CustomAuthentication">
<security mode="TransportWithMessageCredential" allowInsecureTransport="true">
<transport clientCredentialType="None" />
<message clientCredentialType="UserName"/>
</security>
</binding>
</wsHttpBinding>
</bindings>
However, I am getting a Unrecognized attribute 'allowInsecureTransport' error.
This attribute was described in this thread, and has help on msdn.
Can someone help me with my rather inept knowledge of WCF config options and point me in the right direction?
I'd prefer not to use the ClearUsernameBinding as described here, but will if there is no other inbuilt option.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我确实相信该元素只能通过自定义绑定使用...如果您看到文档,它是 SecurityBindingElement 的一部分,而不是像 wsHttpBinding 这样的标准绑定的一部分。您指向的线程确实有一个使用自定义绑定来启用它的配置示例。
I do believe that element is only usable through a custom binding... if you see the docs, it's part of the SecurityBindingElement, not part of a standard binding like wsHttpBinding. The thread you pointed to does have an example of a configuration using a custom binding to enable it.