在 WCF 中启用基本 HttpBinding(无需 SSL)
这里的想法是,为了我的测试,在我承诺购买 SSL 证书之前,我想以非 ssl 模式启用 WCF 服务。我过去曾使用此代码完成此操作,但在我的一生中,无法弄清楚如何将其转换为 web.config 文件。
如果有人能给我指明如何进行翻译的正确方向,我将不胜感激。
Binding basicBinding = null;
if (RegistryConnectionStringFactory.UseSslForCommunications)
{
basicBinding = new BasicHttpBinding();
(basicBinding as BasicHttpBinding).Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
(basicBinding as BasicHttpBinding).Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
creds.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.MembershipProvider;
creds.UserNameAuthentication.MembershipProvider = Membership.Provider;
}
else
{
HttpTransportBindingElement transport = new HttpTransportBindingElement()
{
AuthenticationScheme = System.Net.AuthenticationSchemes.Basic
};
basicBinding = new CustomBinding(transport);
svcHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new AspNetUsernamePasswordValidator();
svcHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
}
The idea here is that for my testing, before I commit to purchasing the SSL certificate, I want to enable the WCF service in non-ssl mode. I've done it in the past using this code, but for the life of me, cannot figure out how to translate it into the web.config file.
If someone can put me in the right direction on how you would go about this translation, that would be much appreciated.
Binding basicBinding = null;
if (RegistryConnectionStringFactory.UseSslForCommunications)
{
basicBinding = new BasicHttpBinding();
(basicBinding as BasicHttpBinding).Security.Mode = BasicHttpSecurityMode.TransportWithMessageCredential;
(basicBinding as BasicHttpBinding).Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
creds.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.MembershipProvider;
creds.UserNameAuthentication.MembershipProvider = Membership.Provider;
}
else
{
HttpTransportBindingElement transport = new HttpTransportBindingElement()
{
AuthenticationScheme = System.Net.AuthenticationSchemes.Basic
};
basicBinding = new CustomBinding(transport);
svcHost.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new AspNetUsernamePasswordValidator();
svcHost.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
因为您的帖子建议这样做以避免在测试完成之前购买 SSL 证书,所以我想问:为了节省一些时间,您可以使用
makecert?如果是这样,这些注释可能会有所帮助。
创建根证书密钥文件...
创建 .PFX 文件...
然后,使用证书管理单元将
mycert.cer文件导入本地计算机上的受信任根证书颁发机构告诉那些在本地计算机上运行的应用程序,由您自己的机构签署的任何证书都是值得信赖的。接下来,将
localhost.pfx文件导入到本地计算机上的个人存储中。 (这样做会使证书可供 IIS 使用,以便它可以根据您自己的权限将自己声明为名为“localhost”的服务器。)此处有有关如何将 .PFX 文件导入 IIS 7 的详细说明:http://www.digicert.com/ssl-support/pfx -导入-导出-iis-7.htm
Because your post suggests that want to do this to avoid purchasing an SSL certificate before your testing is complete, I wanted to ask: To save yourself some time, could you just create your own self-signed certificate using
makecert?If so, these notes might be of some help.
To create root certificate key files...
To create a .PFX file...
Then, using the Certificates snap-in, import the
mycert.cerfile into the Trusted Root Certification Authorities on the local computer to tell those apps running on the local machine that any certificate signed by your own authority is trustworty.Next, you import the
localhost.pfxfile into the Personal store on the local computer. (Doing this makes the certificate available to IIS so that it may declare itself, by your own authority, to be the server named "localhost".)There's a detailed descripton of how to import the .PFX file into IIS 7 here: http://www.digicert.com/ssl-support/pfx-import-export-iis-7.htm
我今天也在看类似的东西,但我的知识并不是 100% 完整的。
对于绑定,您需要执行以下操作:
然后您需要为自定义验证创建一个 serviceBehaviour:
显然没有经过测试,但类似的配置对我有用,它可能会让您开始...
I was looking at something similar today as well but my knowledge isn't 100% complete.
For the binding you will need to do something like this:
Then you need to create a serviceBehaviour for the custom validation:
obviously not tested but a similar config just worked for me and it may get you started...
BasicHttpBinding 基于配置的方法有什么问题?您只需使用 TransportWithMessageCredential 和 UserName 凭据通过 HTTPS 进行通信,或使用 TransportCredentialOnly 和 Basic 凭据通过 HTTP 进行通信。
What is wrong with configuration based approach for BasicHttpBinding? You simply use TransportWithMessageCredential and UserName credentials for communication over HTTPS or TransportCredentialOnly and Basic credentials for communication over HTTP.
这是一种极端情况,但您可以通过将安全模式设置为“无”来允许匿名和非 SSL。匿名也可能会影响您的测试,因此可能不推荐。
来自http://msdn.microsoft.com/en-us/library/ms731172。 aspx:
绑定中的传输凭证
This is an extreme but you can allow anonymous and non-SSL by setting the security mode to "none". Anonymous might also affect your testing so probably not recommended.
From http://msdn.microsoft.com/en-us/library/ms731172.aspx:
Transport Credentials in Bindings