开发者

IIS Rest over HTTPS only

I've asked a similar question here:

How to enforce one method in WCF Rest to be called via https, while others can be called over http

And it doesn't look like it is possible on the code side. Is it possible to set up an entire service to be callable over HTTPS only? I've configured a service using the following binding:

  <webHttpBinding>
    <binding name="webBinding"
     maxBufferSize="152428800" maxReceivedMessageSize="152428800"
     receiveTimeout="00:10:00">
        <readerQuotas maxStringContentLength="152428800"
              maxArrayLength="152428800"
              maxBytesPerRead="4096"/>
        <security mode="Transport">
        <transport clientCredentialType="None" />
        </security>
    </binding>
    </webHttpBinding>

But when I try to ca开发者_JS百科ll a simple service over http, the service returns the result happily, rather than returning some sort of exception. Do I need to configure IIS to only service https requests? Has anyone tried this?

Thanks!


Did you configure IIS to require SSL on your application's folder? (you can set it to allow ssl or make it mandatory)


You can always add an explicit endpoint to your service entry with a fully-qualified https address. Can't remember if IIS hosting always auto-adds the base addresses when you have an explicit address, but even if it does, you can make a simple extension of ServiceHostFactory to "eat" the default base addresses IIS supplies (reference your custom servicehostfactory in the Factory attribute of your .svc file). Then it'll only answer on the exact addresses you supplied in the config.


It's possible via configuration. This Blog Article is not your exact scenario (it's file transfer over https), but it shows sample config and code for configuring and consuming a https web service that should be useful.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜