WCF 仅通过 HTTPS SVC 托管在 MVC 项目内
我已将 WCF .svc 文件添加到我的 MVC3 项目中,并且我试图阻止通过 HTTP 访问该服务。
通过下面的配置,我的服务可以在一个端口上通过 https 访问,然后在另一个端口上通过 http 访问。
我怎样才能防止这种情况发生?
谢谢
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="TS">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Endpoints" behaviorConfiguration="Default">
<endpoint address="https://localhost:44301/Services/Endpoints.svc" binding="basicHttpBinding" bindingConfiguration="TS" contract="UkerLtd.Services.IEndpoints"></endpoint>
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Default">
<serviceMetadata httpGetEnabled="false" httpsGetUrl="https://localhost:44301/Services/Endpoints.svc" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="false" />
</system.serviceModel>
I've got an WCF .svc file added to my MVC3 project and I'm trying to prevent the service being accessed over HTTP.
With the config below my service is available over https on one port and then over http on another.
How can I prevent this?
Thanks
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="TS">
<security mode="Transport">
<transport clientCredentialType="None"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service name="Endpoints" behaviorConfiguration="Default">
<endpoint address="https://localhost:44301/Services/Endpoints.svc" binding="basicHttpBinding" bindingConfiguration="TS" contract="UkerLtd.Services.IEndpoints"></endpoint>
<endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Default">
<serviceMetadata httpGetEnabled="false" httpsGetUrl="https://localhost:44301/Services/Endpoints.svc" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
<serviceHostingEnvironment multipleSiteBindingsEnabled="false" />
</system.serviceModel>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以注释或删除 IMetadataExchange 的第二个终结点,
由于它是针对相同的服务,因此元数据将由
公开
serviceBehaviors/serviceMetadata 中的 httpsGetEnabled="true"。
否则,您可以“设置 IIS 以要求 SSL”,但由于它不是一个选项..
希望这会有所帮助。
You can comment or remove the second endpoint for the IMetadataExchange,
since it is for the same service, the metadata will be exposed by the
httpsGetEnabled="true" in the serviceBehaviors/serviceMetadata.
Otherwise you could "Set up IIS to require SSL", but since it's not an option..
hope this helps.