WCF NetTcpBinding何时需要客户端完全信任?
我正在使用 WCF 与多个服务器进行通信。
对于我的本地服务器,netTcpBinding 按预期工作,没有问题。
但是,当我尝试在 app.config 中使用以下 netTcpBinding 连接到远程服务器 (Azure) 时,这将使应用程序在初始化时崩溃,因为在没有完全信任的情况下无法创建 netTcpBinding。
在 app.config 文件中进行此绑定,
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
将会导致以下错误:
为“system.serviceModel/bindings”创建配置节处理程序时发生错误:该程序集不允许部分受信任的调用方。 (K:\Somepath\Testing.exe.Config 第 6 行)
奇怪的事情:在 app.config 文件中,我得到了连接到其他 netTcpBindings 的客户端端点(没有在绑定部分明确声明它们)。
为什么这些通用 netTcpBindings 可以在部分信任的情况下工作,但我上面展示的却不能?
或者我只是对这个错误消息感到困惑,问题不在于完全信任?
更新:如果我删除 <绑定>部分内容将毫无问题地运行。那么我可以部分信任地使用netTcpBinding,但不允许我修改参数?这很遗憾,因为我希望对我的通信进行某种形式的加密。
I'm using WCF to communicate to several servers.
For my local server netTcpBinding works like expected, no problems.
But when I try to connect to my remote server (Azure) using the following netTcpBinding in app.config, this will crash the application on initialization since the netTcpBinding can't be created without full trust.
This binding in the app.config file,
<bindings>
<netTcpBinding>
<binding name="NetTcpBinding_IService" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions"
hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288"
maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<reliableSession ordered="true" inactivityTimeout="00:10:00"
enabled="false" />
<security mode="Transport">
<transport clientCredentialType="None" protectionLevel="EncryptAndSign" />
<message clientCredentialType="Windows" />
</security>
</binding>
</netTcpBinding>
</bindings>
It will result in this error:
An error occurred creating the configuration section handler for "system.serviceModel/bindings": That assembly does not allow partially trusted callers. (K:\Somepath\Testing.exe.Config line 6)
The strange thing: In the app.config file I got client endpoints connecting to other netTcpBindings (without declaring them explizitely in the binding section).
Why do these generic netTcpBindings work in partial trust, but the one I showed above does not?
Or am I just confused by this error message and the problem is not about full trust?
Update: If I remove the <binding> section the stuff will run without problems. So I'm allowed to use netTcpBinding in partial trust, but I'm not allowed to modify the parameters? This is a pity since I'd like to have some form of encryption on my communication.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
一般而言,部分信任环境不支持 NetTcpBinding。
虽然基本通信工作正常(正如您在其他环境中所见),但 TransportSecurity 和 ReliableMessaging(您的示例配置中具有)等功能显然是不支持部分信任(这很糟糕)。
NetTcpBinding in general is not supported in partial trust environments.
While the basic communication works fine (as you've seen in other environments), features like TransportSecurity and ReliableMessaging (which you have on your sample configuration) are explicitly not supported on partial trust (it sucks, big time).