我已将ProtectionLevel = ProtectionLevel.None放在ServiceContract上,用于我的WCF客户端(调用SOAP服务),但WCF仍在向标头添加签名。
[ServiceContract(ConfigurationName = "IMyOutboundService", ProtectionLevel = ProtectionLevel.None)]
如何关闭此客户端的标头签名?
我正在使用customBinding与authenticationMode="MutualCertificate",我已设置<textMessageEncoding messageVersion="Soap11WSAddressing10"/>。我可以使用不同的绑定,只要允许这个。
以下是完整的当前绑定:
<binding name="MyBinding" openTimeout="00:00:10" sendTimeout="00:00:10" >
<textMessageEncoding messageVersion="Soap11WSAddressing10" />
<security authenticationMode="MutualCertificate"
includeTimestamp="true"
enableUnsecuredResponse="true">
<localClientSettings timestampValidityDuration="00:15:00"/>
</security>
<httpsTransport
manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="5242880" allowCookies="false"
bypassProxyOnLocal="true" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="5242880"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="true" />
</binding>
答案 0 :(得分:1)
我有一个工作,艰难的方式!
<binding name="MyBinding" openTimeout="00:00:10" sendTimeout="00:00:10" >
<textMessageEncoding messageVersion="Soap11WSAddressing10" />
<httpsTransport
manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="5242880" allowCookies="false"
bypassProxyOnLocal="true" decompressionEnabled="true" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="5242880"
realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="true" />
</binding>
因此,通过保持自定义绑定,而不是切换到基本绑定(我尝试过),您可以保留Soap11WSAddressing10(即您获得所有SOAP标头)。
通过删除<security元素,您实际上将事物设置为仅传输安全性。在仅传输模式下,不添加任何签名。