WCF basicHttpBinding之Transport Security Mode, clientCredentialType="None"

原創地址：http://www.cnblogs.com/jfzhu/p/4071342.html                                                                                        

轉載請註明出處

 

前面文章介紹了《WCF basicHttpBinding之Message Security Mode》如何basicHttpBinding的Message Security Mode，而且clientCredentialType用的是certificate。

本文演示basicHttpbinding使用Transport Security Mode，而且clientCredentialType="None"。

 

 

（一）WCF 服務代碼與配置文件

IDemoService.cs

using System.ServiceModel;

namespace WCFDemo 
{    
    [ServiceContract(Name = "IDemoService")] 
    public interface IDemoService 
    { 
        [OperationContract] 
        [FaultContract(typeof(DivideByZeroFault))] 
        int Divide(int numerator, int denominator); 
    } 
}

 

DemoService.cs

using System; 
using System.ServiceModel; 
using System.ServiceModel.Activation;

namespace WCFDemo 
{ 
    [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] 
    public class DemoService : IDemoService 
    { 
        public int Divide(int numerator, int denominator) 
        { 
            try 
            { 
                return numerator / denominator; 
            } 
            catch (DivideByZeroException ex) 
            { 
                DivideByZeroFault fault = new DivideByZeroFault(); 
                fault.Error = ex.Message; 
                fault.Detail = "Denominator cannot be ZERO!"; 
                throw new FaultException<DivideByZeroFault>(fault); 
            }           
        } 
    } 
}

 

完整的代碼也能夠參見《WCF服務建立與拋出強類型SOAP Fault》。

 

server web.config

<?xml version="1.0"?> 
<configuration> 
    <system.web> 
      <compilation debug="true" targetFramework="4.0" /> 
    </system.web> 
    <system.serviceModel> 
      <bindings> 
        <basicHttpBinding> 
          <binding name="basicBinding"> 
            <security mode="Transport"> 
              <transport clientCredentialType="None" /> 
            </security> 
          </binding> 
        </basicHttpBinding> 
      </bindings> 
      <services> 
        <service name="WCFDemo.DemoService" behaviorConfiguration="CustomBehavior"> 
          <endpoint address="DemoService" binding="basicHttpBinding" contract="WCFDemo.IDemoService" bindingConfiguration="basicBinding" />          
          <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint> 
        </service> 
      </services> 
        <behaviors> 
            <serviceBehaviors> 
                <behavior name="CustomBehavior"> 
                    <serviceMetadata httpsGetEnabled="true" /> 
                    <serviceDebug includeExceptionDetailInFaults="false" />                    
                </behavior> 
            </serviceBehaviors> 
        </behaviors> 
        <serviceHostingEnvironment multipleSiteBindingsEnabled="true" /> 
    </system.serviceModel> 
</configuration> 

 

（二）爲WCF Service application添加一個https binding。

具體做法參見《Step by Step 配置使用HTTPS的ASP.NET Web應用》。

 

配置完https binding以後，雙擊SSL Settings

 

勾選Require SSL，點擊Apply。

 

 

Http的Binding仍是不可缺乏，不然會出現下面的錯誤

 

 

 

 

（三）在客戶端安裝SSL根證書

因爲https證書使用的是

 

因此咱們使用的WCF Service URL爲 https://win-ounm08eqe64.henry.huang/DemoService.svc

 

在客戶端，爲C:\Windows\System32\Drivers\etc\host 添加一條記錄

 

而後安裝根證書

雙擊根證書文件，彈出證書屬性的對話框，此時該根證書並不受信任，咱們須要將其加入「受信任的根證書頒發機構」，點擊安裝證書

 

 

（四）客戶端代碼與配置文件

在客戶端Visual Studio添加Service Reference

 

private void buttonCalculate_Click(object sender, EventArgs e) 
{ 
    try 
    { 
        textBoxResult.Text = demoServiceClient.Divide(Convert.ToInt32(textBoxNumerator.Text), Convert.ToInt32(textBoxDenominator.Text)).ToString(); 
    } 
    catch (FaultException<DemoServiceReference.DivideByZeroFault> fault) 
    { 
        MessageBox.Show(fault.Detail.Error + " - " + fault.Detail.Detail); 
    } 
}

 

client app.config

<?xml version="1.0" encoding="utf-8" ?> 
<configuration> 
    <system.serviceModel> 
        <bindings> 
            <basicHttpBinding> 
                <binding name="BasicHttpBinding_IDemoService"> 
                    <security mode="Transport" /> 
                </binding> 
            </basicHttpBinding> 
        </bindings> 
        <client> 
            <endpoint address="https://win-ounm08eqe64.henry.huang/DemoService.svc/DemoService" 
                binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDemoService" 
                contract="DemoServiceReference.IDemoService" name="BasicHttpBinding_IDemoService" /> 
        </client> 
    </system.serviceModel> 
</configuration>

 

 

（五）運行代碼，監聽Message

 

使用Fiddler，發現消息所有加密

 

可是若是用Microsoft Service Trace Viewer查看Message Log（參見《使用WCF的Trace與Message Log功能 》），能夠看到解密後的信息，由於它不是在wire上監聽，而Fiddler是在wire上進行監聽。

Request:

 

Response:

 

（六）總結

Transport Security Mode是傳輸協議級的加密，而Message Security Mode是對消息級別的加密。每種協議都有本身對應的傳輸協議級的加密方式，好比HTTP的加密方式就爲SSL。