TraceViewer 如何与安全的 WCF 服务配合使用?
嗨!
我有一个通过 TCP 运行的 WCF 服务,具有如下所示的证书安全性:
<binding name="netTcpUserNameMessageSecurity" portSharingEnabled="True" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="10" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Windows" />
<message clientCredentialType="UserName" />
</security>
</binding>
在 TraceViewer 中检查日志时,我可以看到数据采用明文 xml 格式(未加密)。 TraceViewer 是否解密数据,或者即使我使用证书安全性,我是否真的以清晰的 xml 格式发送所有数据?
请注意,我在同一台计算机上运行服务和客户端,并且我正在分析的日志来自服务。
谨致问候
Hi!
I have a WCF Service that runs over TCP with Certificate security like this :
<binding name="netTcpUserNameMessageSecurity" portSharingEnabled="True" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="10" maxReceivedMessageSize="2147483647">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
<reliableSession ordered="true" inactivityTimeout="infinite" enabled="false" />
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="Windows" />
<message clientCredentialType="UserName" />
</security>
</binding>
When cheking the log in TraceViewer I can see that the data is in clear xml(no encryption). Is the TraceViewer decrypt data or am I really sending all my data in clear xml even when Im using certificate security?
Pleas note that I am running the service and the client on the same machine and the log I am analyzing is from the service.
Best Regards
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您正在使用发生在 WCF 外部的传输级加密,因此您的消息日志记录以纯文本形式记录消息。如果您使用消息级加密,那么 WCF 将从传输通道获取加密消息并记录它(加密),接下来它将在安全通道中处理消息并记录它(解密)。此日志记录可以在消息日志记录配置 - logMessagesAtTransportLevel 和 logMessagesAtServiceLevel 中控制。
You are using transport level encryption which happens outside WCF so your message logging logs the message in the plain text. If you use message level encryption then WCF will get encrypted message from transport channel and logs it (encrypted) next it will process the message in security channel and logs it (decrypted). This logging can be controlled in message logging configuration - logMessagesAtTransportLevel and logMessagesAtServiceLevel.