WCF CustomBinding Authentication
MonkChen · 2013-04-12 · via 博客园 - MonkChen

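I don't know much about Windows encryption and authentication mechanisms, so working on WCF security has been a bit of a struggle. After two days of exploration I got a working demo that validates a user name and password over SSL. There is still a lot in it that I don't really understand; I'll learn it gradually. These are my notes, kept here for future reference.

1. The authentication mode is SecureConversation, so both the server and the client need a digital certificate installed. Guides on creating digital certificates are everywhere online.

2. When installing the certificate on the client, it must be installed into "Trusted Root Certification Authorities"; otherwise errors occur: "The certificate that was used has a trust chain that cannot be verified.....", "已受理证书链,但是在不受信任提供程序信任的根证书中终止。"

3. Configuration files: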

Server:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <compilation debug="true" />
  </system.web>
  <!-- When deploying the service library project, the content of the config file must be added to the host's 
  app.config file. System.Configuration does not support config files for libraries. -->
  <system.serviceModel>
    <services>
      <service behaviorConfiguration="SecurityBehavior" name="JLCG.MIS.Server.WCF.CGService">
        <endpoint address="" binding="customBinding" bindingConfiguration="compactBinding"
          contract="JLCG.MIS.Server.Contract.IMisService">
          <identity>
            <dns value="MISCA" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="netTcpBinding" bindingConfiguration="GenericBinding"
          name="net.tcp" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="net.tcp://10.10.0.204:7007/MisService/" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <bindings>
      <customBinding>
        <binding name="compactBinding">
          <compactMessageEncoding>
            <binaryMessageEncoding />
          </compactMessageEncoding>
          <security authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" />
          </security>
          <tcpTransport />
        </binding>
      </customBinding>
      <netTcpBinding>
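        <!-- GenericBinding is used only by the mex endpoint; with security mode None the metadata is served without authentication or encryption. -->
        <binding name="GenericBinding" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">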
          <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
          <security  mode="None"/>
        </binding>
      </netTcpBinding>
    </bindings>
    <extensions>
      <bindingElementExtensions>
        <add name="compactMessageEncoding" type="Amib.WCF.CompactMessageEncodingElement, CompactMessageEncoder, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      </bindingElementExtensions>
    </extensions>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SecurityBehavior">
          <serviceMetadata />
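          <!-- includeExceptionDetailInFaults="True" returns server exception details to the caller; it is a debugging setting. -->
          <serviceDebug includeExceptionDetailInFaults="True" />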
          <dataContractSerializer maxItemsInObjectGraph="2147483647" />
          <serviceThrottling maxConcurrentCalls="2000" maxConcurrentInstances="2000" maxConcurrentSessions="2000"/>
          <serviceTimeouts transactionTimeout="00:01:00"/>
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="JLCG.MIS.Server.WCF.CustomValidator,JLCG.MIS.Server.WCF" />
            <serviceCertificate findValue="MISCA" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
          </serviceCredentials>
        </behavior>        
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <connectionStrings>
  </connectionStrings>
</configuration>

Client:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
      <bindings>
        <customBinding>
          <binding name="MisServiceBindingConfig">
            <compactMessageEncoding>
              <binaryMessageEncoding>
                <readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" />
              </binaryMessageEncoding>
            </compactMessageEncoding>
            <security authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
              <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" />
            </security>
            <tcpTransport maxReceivedMessageSize="2147483647" />
          </binding>
        </customBinding>
      </bindings>
        <client>      
            <endpoint address="net.tcp://10.10.30.4:7007/MisService/" binding="customBinding"
                bindingConfiguration="MisServiceBindingConfig" contract="ServiceReference.IMisService"
                name="MisServiceBinding_IMisService">
                <identity>
                    <dns value="MISCA" />
                </identity>
            </endpoint>
        </client>
      <extensions>
        <bindingElementExtensions>
          <add name="compactMessageEncoding" type="Amib.WCF.CompactMessageEncodingElement, CompactMessageEncoder, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
        </bindingElementExtensions>
      </extensions>
    </system.serviceModel>    
</configuration>

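4. Server-side code

class CustomValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
{
    public override void Validate(string userName, string password)
    {
        // Demo stub: returning without throwing accepts every user name and password.
        // Real validation goes here; throw an exception (e.g. FaultException) to reject the credentials.
    }
}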

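5. Client-side code

// The endpoint name matches the <endpoint name="..."> entry in the client config.
MisServiceClient client = new MisServiceClient("MisServiceBinding_IMisService");
// Placeholder credentials; the server passes them to CustomValidator.Validate.
client.ClientCredentials.UserName.UserName = "userName";
client.ClientCredentials.UserName.Password = "password";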