WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

原创地址：http://www.cnblogs.com/jfzhu/p/4071342.html

转载请注明出处

前面文章介绍了《WCF basicHttpBinding之Message Security Mode》如何basicHttpBinding的Message Security Mode，并且clientCredentialType用的是certificate。

本文演示basicHttpbinding使用Transport Security Mode，并且clientCredentialType="None"。

（一）WCF 服务代码与配置文件

IDemoService.cs

using System.ServiceModel;

namespace WCFDemo
{
    [ServiceContract(Name = "IDemoService")]
    public interface IDemoService
    {
        [OperationContract]
        [FaultContract(typeof(DivideByZeroFault))]
        int Divide(int numerator, int denominator);
    }
}

DemoService.cs

using System;
using System.ServiceModel;
using System.ServiceModel.Activation;

namespace WCFDemo
{
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
    public class DemoService : IDemoService
    {
        public int Divide(int numerator, int denominator)
        {
            try
            {
                return numerator / denominator;
            }
            catch (DivideByZeroException ex)
            {
                DivideByZeroFault fault = new DivideByZeroFault();
                fault.Error = ex.Message;
                fault.Detail = "Denominator cannot be ZERO!";
                throw new FaultException<DivideByZeroFault>(fault);
            }
        }
    }
}

完整的代码也可以参见《WCF服务创建与抛出强类型SOAP Fault》。

server web.config

<?xml version="1.0"?>
<configuration>
    <system.web>
      <compilation debug="true" targetFramework="4.0" />
    </system.web>
    <system.serviceModel>
      <bindings>
        <basicHttpBinding>
          <binding name="basicBinding">
            <security mode="Transport">
              <transport clientCredentialType="None" />
            </security>
          </binding>
        </basicHttpBinding>
      </bindings>
      <services>
        <service name="WCFDemo.DemoService" behaviorConfiguration="CustomBehavior">
          <endpoint address="DemoService" binding="basicHttpBinding" contract="WCFDemo.IDemoService" bindingConfiguration="basicBinding" />
          <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>
        </service>
      </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="CustomBehavior">
                    <serviceMetadata httpsGetEnabled="true" />
                    <serviceDebug includeExceptionDetailInFaults="false" />
                </behavior>
            </serviceBehaviors>
        </behaviors>
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
    </system.serviceModel>
</configuration>

（二）为WCF Service application添加一个https binding。

具体作法参见《Step by Step 配置使用HTTPS的ASP.NET Web应用》。

配置完https binding之后，双击SSL Settings

勾选Require SSL，点击Apply。

Http的Binding还是不可缺少，否则会出现下面的错误

（三）在客户端安装SSL根证书

由于https证书使用的是

所以我们使用的WCF Service URL为 https://win-ounm08eqe64.henry.huang/DemoService.svc

在客户端，为C:\Windows\System32\Drivers\etc\host 添加一条记录

然后安装根证书

双击根证书文件，弹出证书属性的对话框，此时该根证书并不受信任，我们需要将其加入“受信任的根证书颁发机构”，点击安装证书

（四）客户端代码与配置文件

在客户端Visual Studio添加Service Reference

private void buttonCalculate_Click(object sender, EventArgs e)
{
    try
    {
        textBoxResult.Text = demoServiceClient.Divide(Convert.ToInt32(textBoxNumerator.Text), Convert.ToInt32(textBoxDenominator.Text)).ToString();
    }
    catch (FaultException<DemoServiceReference.DivideByZeroFault> fault)
    {
        MessageBox.Show(fault.Detail.Error + " - " + fault.Detail.Detail);
    }
}

client app.config

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="BasicHttpBinding_IDemoService">
                    <security mode="Transport" />
                </binding>
            </basicHttpBinding>
        </bindings>
        <client>
            <endpoint address="https://win-ounm08eqe64.henry.huang/DemoService.svc/DemoService"
                binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDemoService"
                contract="DemoServiceReference.IDemoService" name="BasicHttpBinding_IDemoService" />
        </client>
    </system.serviceModel>
</configuration>

（五）运行代码，监听Message

使用Fiddler，发现消息全部加密

但是如果用Microsoft Service Trace Viewer查看Message Log（参见《使用WCF的Trace与Message Log功能》），可以看到解密后的信息，因为它不是在wire上监听，而Fiddler是在wire上进行监听。

Request:

Response:

（六）总结

Transport Security Mode是传输协议级的加密，而Message Security Mode是对消息级别的加密。每种协议都有自己对应的传输协议级的加密方式，比如HTTP的加密方式就为SSL。

时间： 2024-08-29 07:01:20

WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"的相关文章

WCF wsHttpBinding之Transport security Mode, clientCredentialType=”Basic”

原创地址:http://www.cnblogs.com/jfzhu/p/4071342.html 转载请注明出处如何在WCF中使用Transport Security Mode,以及如何创建证书,请参见<WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None">,本文介绍如何使用Basic clientCredentialType. server web.config <?xm

WCF basicHttpBinding之Message Security Mode

原创地址:http://www.cnblogs.com/jfzhu/p/4067873.html 转载请注明出处前面的文章<WCF Security基本概念>介绍了WCF的security mode,简单说Transport是transport级别上的加密,Message是message级别上的加密,参见下图: Transport Security Message Security (一)Demo代码 IDemoService.cs: using System.ServiceModel; n

Xcode 7提示App Transport Security has blocked a cleartext HTTP (http://) resource load的解决办法

Xcode 7提示App Transport Security has blocked a cleartext HTTP (http://) resource load的解决办法今天使用Xcode 7打开用Xcode 6开发的网络请求项目,Xcode 7 控制台提示如下: App TransportSecurity has blocked a cleartext HTTP (http://) resource load since it isinsecure. Temporary except

Xcode 7遇到 App Transport Security has blocked a cleartext HTTP 错误

今天用Xcode 7 创建新项目用到 URL 发送请求时,报下面的错: “App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.plist file” 找查资料后发现,新特性要求App内访问网络请求,要采用 HTTPS 协议. 但是我获取的

iOS学习之旅10 ATS(App Transport Security)对HTTPS协议要求引起的问题

问题描述编写以下代码获取网络某个资源的MIMEType 1 -(void)getMIMEType 2 { 3 //路径 4 NSURL *url = [NSURL URLWithString:@"https://www.baidu.com/img/bd_logo1.png"]; 5 //请求对象 6 NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; 7 NSOperationQueue *

iOS9 beta 请求出现App Transport Security has blocked a cleartext HTTP (http://)

错误描述: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app‘s Info.plist file. 在iOS9 beta中,苹果将原http协议改成了https协议,使用 TLS1.2 SSL加密请求数据. 解决方法: 在info.plist 加入k

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure.

解决方法: 方法1.使用https协议请求: 方法2.Info.plist中增加App Transport Security Settings子项Allow Arbitrary Loads设置为YES.

iOS9中请求出现App Transport Security has blocked a cleartext HTTP (http://)

错误描述: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app‘s Info.plist file. 在iOS9中,苹果将原http协议改成了https协议,使用 TLS1.2 SSL加密请求数据. 解决方法: 在info.plist 加入key <k

AFNetworking 提示"The resource could not be loaded because the App Transport Security policy requires the use of a secure connection" 解决办法

原因:iOS9以后,苹果把原http协议改成了https协议,所以不能直接在http协议下GET/POST 解决方案之一: 直接编辑工程文件下的Info.plist文件,加入以下代码 <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> 如图所示: 解决方案之二: a.在Xcode里选中info.