WCF wsdualhttpBinding 自定义用户名
我遇到了非常烦人的错误: 我的场景 - 使用 wsdualhttpbinding 在 WCF 中实现的简单消息/邮件服务器\客户端(双重回调,在线更新新消息)。
所有安全配置都是用代码编写的(根本没有 *.config)。第一次连接时,客户端抛出以下内容 [System.Security.Cryptography.CryptographicException] = {“长度错误。\r\n”} 具有 NULL 内部异常,因此不可能进行更深入的钻探。 服务器配置:
WSDualHttpBinding binding = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
Uri baseServiceAddress = new Uri(@"http://"+Environment.MachineName+":7921/Mail/");
host = new ServiceHost(theMightyMailServer,baseServiceAddress);
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = validator;
host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root, X509FindType.FindByIssuerName, "MailServer");
ServiceDebugBehavior d = new ServiceDebugBehavior();
d.IncludeExceptionDetailInFaults = true;
host.Description.Behaviors.Remove<ServiceDebugBehavior>();
host.Description.Behaviors.Add(d);
ServiceMetadataBehavior b = new ServiceMetadataBehavior();
b.HttpGetEnabled = true;
host.Description.Behaviors.Remove<ServiceMetadataBehavior>();
host.Description.Behaviors.Add(b);
var mexBinding = MetadataExchangeBindings.CreateMexHttpBinding();
host.AddServiceEndpoint(typeof(IMailServer), binding, "Service");
host.AddServiceEndpoint(typeof(IMetadataExchange),mexBinding,"");
host.Open();
客户端配置:
client = new MailServerReference.MailServerClient(new InstanceContext(this));
client.ClientCredentials.UserName.UserName = currentUser.UserName;
client.ClientCredentials.UserName.Password = currentUser.Password;
client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root,X509FindType.FindByIssuerName, "MailServer");
currentUser.ID = client.getUID();
client.RegisterOnServer(currentUser.ID);
return true;
}
catch (Exception ex) { MessageBox.Show(ex.Message); return false; }
任何帮助将非常感激。顺便说一句,我是 WCF 的新手,所以也许我缺少一些基本概念。
I'v got very annoying error:
My scenario - simple message/mail server\client implemented in WCF with wsdualhttpbinding (dual for callbacks , online update on new message).
All security config is written in code (no *.config at all) . Upon first connection the client throws the following
[System.Security.Cryptography.CryptographicException] = {"Bad Length.\r\n"}
with NULL inner exception , so drilling deeper isn't possible .
Server configuration :
WSDualHttpBinding binding = new WSDualHttpBinding(WSDualHttpSecurityMode.Message);
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
Uri baseServiceAddress = new Uri(@"http://"+Environment.MachineName+":7921/Mail/");
host = new ServiceHost(theMightyMailServer,baseServiceAddress);
host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
host.Credentials.UserNameAuthentication.UserNamePasswordValidationMode = UserNamePasswordValidationMode.Custom;
host.Credentials.UserNameAuthentication.CustomUserNamePasswordValidator = validator;
host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root, X509FindType.FindByIssuerName, "MailServer");
ServiceDebugBehavior d = new ServiceDebugBehavior();
d.IncludeExceptionDetailInFaults = true;
host.Description.Behaviors.Remove<ServiceDebugBehavior>();
host.Description.Behaviors.Add(d);
ServiceMetadataBehavior b = new ServiceMetadataBehavior();
b.HttpGetEnabled = true;
host.Description.Behaviors.Remove<ServiceMetadataBehavior>();
host.Description.Behaviors.Add(b);
var mexBinding = MetadataExchangeBindings.CreateMexHttpBinding();
host.AddServiceEndpoint(typeof(IMailServer), binding, "Service");
host.AddServiceEndpoint(typeof(IMetadataExchange),mexBinding,"");
host.Open();
Client configuration :
client = new MailServerReference.MailServerClient(new InstanceContext(this));
client.ClientCredentials.UserName.UserName = currentUser.UserName;
client.ClientCredentials.UserName.Password = currentUser.Password;
client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.CurrentUser, StoreName.Root,X509FindType.FindByIssuerName, "MailServer");
currentUser.ID = client.getUID();
client.RegisterOnServer(currentUser.ID);
return true;
}
catch (Exception ex) { MessageBox.Show(ex.Message); return false; }
Any help would be very much appreciated.And BTW I am new to WCF , so maybe I am missing some basic concept .
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我会尝试在客户端和服务器上将
ServiceCertificate和ClientCertificate设置为相同的值。至少,我就是这样做的。已经有一段时间了,但我认为当只设置一个证书或另一个证书而不是同时设置两个证书时,我遇到了问题。编辑附加信息:
在我的例子中,我使用
CustomBinding而不是WSDualHttpBinding但我最终对双方的 ServiceCertificate 和 ClientCertificate 使用完全相同的证书(客户端和服务器)。更具体地说,我有一个扩展 System.ServiceModel.Description.ServiceCredentials 的类
,并且我将其中之一传递给客户端和服务器实现中的 CustomBinding 构造函数。
无论如何,我认为因为绑定的
Message安全性已打开,所以它期望双向都有消息级安全性,因此双方都需要证书(ServiceCertificate 和 ClientCertificate)。但我可能完全错了,我只是说;尝试一下,看看是否有帮助......
I would try setting the
ServiceCertificateandClientCertificateto the same thing on both the client and the server. At least, that is the way I've done this. It has been a while, but I think I had issues when only one certificate or the other was set, and not both.Edit for additional info:
In my case, I use a
CustomBindinginstead of aWSDualHttpBindingbut I ended up using the exact same certificate for the ServiceCertificate and ClientCertificate on both sides (client and server).More specifically, I have a class that extends
System.ServiceModel.Description.ServiceCredentialsAnd I pass one of those to my CustomBinding constructor in both the client and server implementation.
Anyway, I think because
Messagesecurity is turned on for the binding, it expects there to be message level security in both directions, so it needs a certificate on both sides (ServiceCertificate and ClientCertificate).I could be completely wrong though, I'm just saying; try it and see if that helps...