WCF CustomBinding Authentication
MonkChen · 2013-04-12 · via 博客园 - MonkChen

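I don't know much about Windows encryption and authentication mechanisms, so working on WCF security has been a bit of a struggle. After two days of trial and error I got a working demo that verifies a user name and password over SSL. There is still a lot in it that I don't really understand; I'll learn it gradually. Noting it down here for future reference.

1. The authentication mode is SecureConversation, so both the server and the client need a digital certificate installed. Guides on creating digital certificates are everywhere online.

2. When installing the certificate on the client, it must be installed under "Trusted Root Certification Authorities"; otherwise you run into the problem: "The certificate that was used has a trust chain that cannot be verified.....", "已受理证书链,但是在不受信任提供程序信任的根证书中终止。"

3. Configuration files: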

Server:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.web>
    <compilation debug="true" />
  </system.web>
  <!-- When deploying the service library project, the content of the config file must be added to the host's 
  app.config file. System.Configuration does not support config files for libraries. -->
  <system.serviceModel>
    <services>
      <service behaviorConfiguration="SecurityBehavior" name="JLCG.MIS.Server.WCF.CGService">
        <endpoint address="" binding="customBinding" bindingConfiguration="compactBinding"
          contract="JLCG.MIS.Server.Contract.IMisService">
          <identity>
            <dns value="MISCA" />
          </identity>
        </endpoint>
        <endpoint address="mex" binding="netTcpBinding" bindingConfiguration="GenericBinding"
          name="net.tcp" contract="IMetadataExchange" />
        <host>
          <baseAddresses>
            <add baseAddress="net.tcp://10.10.0.204:7007/MisService/" />
          </baseAddresses>
        </host>
      </service>
    </services>
    <bindings>
      <customBinding>
        <binding name="compactBinding">
          <compactMessageEncoding>
            <binaryMessageEncoding />
          </compactMessageEncoding>
          <security authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" />
          </security>
          <tcpTransport />
        </binding>
      </customBinding>
      <netTcpBinding>
        <binding name="GenericBinding" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
          <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
          <security  mode="None"/>
        </binding>
      </netTcpBinding>
    </bindings>
    <extensions>
      <bindingElementExtensions>
        <add name="compactMessageEncoding" type="Amib.WCF.CompactMessageEncodingElement, CompactMessageEncoder, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
      </bindingElementExtensions>
    </extensions>
    <behaviors>
      <serviceBehaviors>
        <behavior name="SecurityBehavior">
          <serviceMetadata />
          <serviceDebug includeExceptionDetailInFaults="True" />
          <dataContractSerializer maxItemsInObjectGraph="2147483647" />
          <serviceThrottling maxConcurrentCalls="2000" maxConcurrentInstances="2000" maxConcurrentSessions="2000"/>
          <serviceTimeouts transactionTimeout="00:01:00"/>
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="JLCG.MIS.Server.WCF.CustomValidator,JLCG.MIS.Server.WCF" />
            <serviceCertificate findValue="MISCA" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
          </serviceCredentials>
        </behavior>        
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
  <connectionStrings>
  </connectionStrings>
</configuration>

Client:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
      <bindings>
        <customBinding>
          <binding name="MisServiceBindingConfig">
            <compactMessageEncoding>
              <binaryMessageEncoding>
                <readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" />
              </binaryMessageEncoding>
            </compactMessageEncoding>
            <security authenticationMode="SecureConversation" requireSecurityContextCancellation="true">
              <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated" />
            </security>
            <tcpTransport maxReceivedMessageSize="2147483647" />
          </binding>
        </customBinding>
      </bindings>
        <client>      
            <endpoint address="net.tcp://10.10.30.4:7007/MisService/" binding="customBinding"
                bindingConfiguration="MisServiceBindingConfig" contract="ServiceReference.IMisService"
                name="MisServiceBinding_IMisService">
                <identity>
                    <dns value="MISCA" />
                </identity>
            </endpoint>
        </client>
      <extensions>
        <bindingElementExtensions>
          <add name="compactMessageEncoding" type="Amib.WCF.CompactMessageEncodingElement, CompactMessageEncoder, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
        </bindingElementExtensions>
      </extensions>
    </system.serviceModel>    
</configuration>

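4. Server-side code

    class CustomValidator : System.IdentityModel.Selectors.UserNamePasswordValidator
    {
        public override void Validate(string userName, string password)
        {
            // Empty in this demo: every user name/password pair is accepted.
            // Real validation goes here; throw
            // System.IdentityModel.Tokens.SecurityTokenException to reject the caller.
        }
    }

5. Client-side code

    // The argument is the endpoint name from the client configuration file.
    MisServiceClient client = new MisServiceClient("MisServiceBinding_IMisService");
    client.ClientCredentials.UserName.UserName = "userName";
    client.ClientCredentials.UserName.Password = "password";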