开发者

How to use custom binding in WCF and keep message security mode with username client credentials?

I have WCF service accessible over Internet which uses wsHttpBinding with message security mode and username client credentials.

<bindings>
    <wsHttpBinding>
        <binding name="wsHttpEndpointBinding" messageEncoding="Mtom" maxReceivedMessageSize="104857600">
           <readerQuotas maxArrayLength="104857600"/>
           <security mode="Message">
            <message clientCredentialType="UserName"/>
           </security>
        </binding>
    </wsHttpBinding>
</bindings>

I've figured out that it takes too much time to transfer my data from client to the server. I've read that i can use customBinding and binaryEncoding mode for my service.

Like that:

<bindings>
   <customBindings>
     <binding name="NetHttpBinding">
       <binaryMessageEncoding />
       <httpTransport />
     </binding>
  </customBindings>
<bindings>

But her开发者_如何学JAVAe is no any mention about message security mode and client credential type...

How could i use custom binding with binaryEncoding and keep message security mode with username client credentials?


I know this is not the answer your looking for but this is my config. I use custom binding with UserNameOverTransport authentication.

It might give you a clue on what to change to get yours up & running.

<customBinding>
    <binding name="MyCustomHttpBinding" receiveTimeout="00:20:00" sendTimeout="00:20:00">
        <security authenticationMode="UserNameOverTransport">
            <localServiceSettings maxClockSkew="Infinite" />
        </security>
        <mtomMessageEncoding maxBufferSize="2097152" messageVersion="Soap12" >
            <readerQuotas maxStringContentLength="2097152"/>
        </mtomMessageEncoding>
        <httpsTransport maxBufferSize="2097152" maxReceivedMessageSize="1073741824" transferMode="Streamed" />
    </binding>
</customBinding>

Keep in mind I use MTOM Encoding which, in my case, fits better to my scenario.


Set secureConversationBootstrap to UserNameForSslNegotiated. Try something similiar to the binding below.

<bindings>
<customBinding>
  <binding name="wss-username-binary">
    <transactionFlow/>

    <security 
authenticationMode="SecureConversation" 
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">

      <secureConversationBootstrap 
authenticationMode="UserNameForSslNegotiated" 
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" />
    </security>

      <binaryMessageEncoding />
    <httpTransport/>
  </binding>
</customBinding>
</bindings>


Try this it may help you more---- it has custom binding, custom security and certificate.

            <endpoint address="mex"
                      binding="mexHttpBinding"
                      contract="IMetadataExchange" />

        </service>

    </services>
    <bindings>
        <wsHttpBinding>

            <binding name="CommonBinding" maxReceivedMessageSize ="2147483647">
                <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
                              maxArrayLength="2147483647" maxBytesPerRead="2147483647"
                              maxNameTableCharCount="2147483647" />

                <security mode="Message">
                    <message clientCredentialType="UserName"  />
                </security>
            </binding>

        </wsHttpBinding>
    </bindings>
    <behaviors>
        <serviceBehaviors>
            <behavior name="myServiceBehavior">

                <serviceCredentials>

                    <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType="Custom.Security.CustomUserNameValidator, Custom.Security" />
                    <clientCertificate>
                        <authentication certificateValidationMode= "PeerOrChainTrust"  />
                    </clientCertificate>
                    <serviceCertificate findValue="CertName" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName" />
                </serviceCredentials>

                <serviceMetadata httpGetEnabled="True"/>
                <serviceAuthorization principalPermissionMode="Custom">
                    <authorizationPolicies>
                        <add policyType="Custom.Security.AuthorizationPolicy, Custom.Security" />
                    </authorizationPolicies>
                </serviceAuthorization>
            </behavior>
        </serviceBehaviors>
    </behaviors>
</system.serviceModel>
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜