WCF: Programmatically configuring a service with a certificate

Time: 2010-07-07 16:09:45

Tags: wcf certificate app-config custom-binding

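Here is the whole problem: I want to create a WCF DLL to access a WCF service.... The only problem is that when I use the WCF DLL's config file together with an application that has its OWN app.config file, the WCF DLL's app.config file is ignored.......

I think one way to solve this is to convert my app.config into code, but unfortunately I don't know what I'm doing.

If you look at the app.config file below, you can also see that I'm using a certificate with an encoded value, which makes this even harder for me to translate because, as I said before, I don't know what I'm doing, and this is a "learn as you go" thing for me.

Does anyone know how to use the app.config as is, instead of the WCF service accessing the APPLICATION's app.config?

OR

Does anyone have an article, tool, or advice on how to convert the following app.config to C#?

Any information would be great..... Thanks in advance.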

<system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="customBindingHTTP">
          <security authenticationMode="SecureConversation">
            <localClientSettings maxClockSkew="23:30:00" />
            <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated">
              <localClientSettings maxClockSkew="23:30:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="20000000" maxWritePoolSize="20000000"
            maxSessionSize="20000000">
            <readerQuotas maxDepth="20000000" maxStringContentLength="20000000"
              maxArrayLength="20000000" maxBytesPerRead="20000000" maxNameTableCharCount="20000000" />
          </binaryMessageEncoding>
          <httpTransport maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000"
            maxBufferSize="20000000" useDefaultWebProxy="false" />
        </binding>
        <binding name="CustomBinding_ITestService">
          <security defaultAlgorithmSuite="Default" authenticationMode="SecureConversation"
            requireDerivedKeys="true" securityHeaderLayout="Strict" includeTimestamp="true"
            keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
            messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
            requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
            <localClientSettings cacheCookies="true" detectReplays="true"
              replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
              replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
              sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
              timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
            <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
              maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
              negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
              sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
              reconnectTransportOnFailure="true" maxPendingSessions="128"
              maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            <secureConversationBootstrap defaultAlgorithmSuite="Default"
              authenticationMode="UserNameForSslNegotiated" requireDerivedKeys="true"
              securityHeaderLayout="Strict" includeTimestamp="true" keyEntropyMode="CombinedEntropy"
              messageProtectionOrder="SignBeforeEncryptAndEncryptSignature"
              messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
              requireSecurityContextCancellation="true" requireSignatureConfirmation="false">
              <localClientSettings cacheCookies="true" detectReplays="true"
                replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="Infinite"
                replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
              <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                reconnectTransportOnFailure="true" maxPendingSessions="128"
                maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
            </secureConversationBootstrap>
          </security>
          <binaryMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
            maxSessionSize="2048">
            <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          </binaryMessageEncoding>
          <httpTransport manualAddressing="false" maxBufferPoolSize="524288"
            maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
            bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
            realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="false"
            useDefaultWebProxy="true" />
        </binding>
      </customBinding>
    </bindings>
    <client>
      <endpoint address="http://xx.xx.xxx.xxx:xxxx/TestService/custom"
        behaviorConfiguration="ClientCertificateBehavior" binding="customBinding"
        bindingConfiguration="customBindingHTTP" contract="ServiceReference1.ITestService"
        name="CustomBinding_ITestService">
        <identity>
          <certificate encodedValue="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx />
        </identity>
      </endpoint>
    </client>
    <behaviors>
      <endpointBehaviors>
        <behavior name="ClientCertificateBehavior">
          <clientCredentials>
            <serviceCertificate>
              <authentication certificateValidationMode="None" />
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
  </system.serviceModel>

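2 Answers:

Answer 0: (score: 0)

The following code should be a good starting point for what you need. I've filled in some of the properties I saw in your app.config and set them properly.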

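using System;
using System.ServiceModel;
using System.ServiceModel.Channels;

CustomBinding endpointBinding = new CustomBinding();

// Message security: username credential protected by a negotiated service certificate
SymmetricSecurityBindingElement securityElement = SecurityBindingElement.CreateUserNameForSslBindingElement();
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10;
securityElement.LocalClientSettings.MaxClockSkew = new TimeSpan(23, 30, 0);

// Element order: security, then message encoding, then transport last
endpointBinding.Elements.Add(securityElement);
endpointBinding.Elements.Add(new BinaryMessageEncodingBindingElement());
// The posted app.config declares <httpTransport> and an http:// address;
// the transport element's scheme has to match the endpoint address
endpointBinding.Elements.Add(new HttpsTransportBindingElement());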

As for the certificate... once you have a WCF service host object, you can add the certificate like this:

 host.Credentials.ServiceCertificate.Certificate = cert;
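
Added example (not from the answer above or the asker's project): the posted `customBindingHTTP` client endpoint built in C#, with the SecureConversation wrapper, the endpoint identity decoded from `encodedValue`, and the clock skew and service-certificate validation mode passed in explicitly instead of hard-coded. The class and method names and the generic `TContract` parameter are assumptions; the asker's generated `ServiceReference1.ITestService` would be the type argument.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Security;

public static class TestServiceClientConfig   // hypothetical helper class
{
    // Code equivalent of <binding name="customBindingHTTP">.
    public static CustomBinding BuildBinding(TimeSpan maxClockSkew)
    {
        // <secureConversationBootstrap authenticationMode="UserNameForSslNegotiated">
        SymmetricSecurityBindingElement bootstrap =
            SecurityBindingElement.CreateUserNameForSslBindingElement();
        bootstrap.LocalClientSettings.MaxClockSkew = maxClockSkew;

        // <security authenticationMode="SecureConversation"> wraps the bootstrap element
        SecurityBindingElement security =
            SecurityBindingElement.CreateSecureConversationBindingElement(bootstrap);
        security.LocalClientSettings.MaxClockSkew = maxClockSkew;

        // <httpTransport ...>: quota values copied from the posted config
        var transport = new HttpTransportBindingElement
        {
            MaxReceivedMessageSize = 20000000,
            MaxBufferSize = 20000000,
            MaxBufferPoolSize = 20000000,
            UseDefaultWebProxy = false
        };
        // Order matters: security, then encoding, then transport last.
        return new CustomBinding(security, new BinaryMessageEncodingBindingElement(), transport);
    }

    public static ChannelFactory<TContract> CreateFactory<TContract>(
        string address, string encodedCertificate,
        TimeSpan maxClockSkew, X509CertificateValidationMode validationMode)
    {
        // <identity><certificate encodedValue="..."/>: Base64 of the expected service certificate
        var expected = new X509Certificate2(Convert.FromBase64String(encodedCertificate));
        var endpoint = new EndpointAddress(new Uri(address),
            EndpointIdentity.CreateX509CertificateIdentity(expected));

        var factory = new ChannelFactory<TContract>(BuildBinding(maxClockSkew), endpoint);
        // <serviceCertificate><authentication certificateValidationMode="..."/>
        factory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode =
            validationMode;
        return factory;
    }
}
```

Passing `new TimeSpan(23, 30, 0)` and `X509CertificateValidationMode.None` reproduces the posted config; WCF's defaults are a 5-minute clock skew and `ChainTrust`, and the wider skew also widens the window in which a timestamped message is accepted. The caller still sets `factory.Credentials.UserName` before opening a channel.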

Answer 1: (score: 0)

Also, you can put the contents of the DLL's app.config file into the calling application's app.config file.
