1. 首頁
  2. 問答
  3. 禁用從服務到客戶端的消息簽名

禁用從服務到客戶端的消息簽名

2015-03-25 26 views
0

如何禁用從服務到客戶端的消息簽名? 我使用basicHttpBinding與消息安全模式和證書作爲憑證類型。禁用從服務到客戶端的消息簽名

我有工作解決方案,但是這個解決方案在兩個方向都使用證書籤名;我只想要求方向客戶端 - >服務。我怎樣才能實現它?它甚至有可能嗎? 我的用例很簡單;基本上我不希望從客戶端需要指定服務證書,他們只是提供他們的證書,我只是在我的自定義證書驗證檢查,如果這個證書是registred並啓用...

服務配置

<system.serviceModel> 
    <services> 
    <service behaviorConfiguration="MyApp.ServiceBehavior" name="MyApp.Service"> 
     <endpoint address="" binding="basicHttpBinding" contract="MyApp.IService" bindingConfiguration="CustomBinding"> 
     <identity> 
      <dns value="SebastianServer" /> 
     </identity> 
     </endpoint> 
     <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint> 
    </service> 
    </services> 

    <behaviors> 
    <serviceBehaviors> 
     <behavior name="MyApp.ServiceBehavior"> 
     <serviceCredentials> 
      <serviceCertificate findValue="052026af9ea372c95b63acc3fb9f36859931f205" x509FindType="FindByThumbprint" storeLocation="CurrentUser" storeName="My" /> 

      <clientCertificate> 
      <!--<authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck" />--> 
      <authentication certificateValidationMode="Custom" customCertificateValidatorType="MyApp.CustomValidator, MyApp"/> 
      </clientCertificate> 

     </serviceCredentials> 
     </behavior> 
    </serviceBehaviors> 
    </behaviors> 

    <bindings> 
    <basicHttpBinding> 
     <binding name="CustomBinding"> 
     <security mode="Message"> 
      <message clientCredentialType="Certificate" /> 
     </security> 
     </binding> 
    </basicHttpBinding> 
    </bindings> 
</system.serviceModel>

客戶端配置

<system.serviceModel> 
    <behaviors> 
    <endpointBehaviors> 
     <behavior name="certificateEndpoint"> 
     <clientCredentials> 
      <clientCertificate findValue="f2ba8e5a7531df7097117661d966d1f14fccb360" x509FindType="FindByThumbprint" storeLocation="CurrentUser" storeName="My" /> 
      <serviceCertificate> 
      <authentication certificateValidationMode="PeerOrChainTrust" revocationMode="NoCheck" /> 
      <defaultCertificate findValue="052026af9ea372c95b63acc3fb9f36859931f205" x509FindType="FindByThumbprint" storeLocation="CurrentUser" storeName="My" /> 
      </serviceCertificate> 
     </clientCredentials> 
     </behavior> 
    </endpointBehaviors> 
    </behaviors> 

    <bindings> 
     <basicHttpBinding> 
     <binding name="BasicHttpBinding_IService"> 
      <security mode="Message"> 
      <transport clientCredentialType="None" /> 
      <message clientCredentialType="Certificate" /> 
      </security> 
     </binding> 
     </basicHttpBinding> 
    </bindings> 

    <client> 
    <endpoint 
     address="http://localhost:5129/Service.svc" 
     binding="basicHttpBinding" 
     bindingConfiguration="BasicHttpBinding_IService" 
     contract="MyAppService.IService" 
     behaviorConfiguration="certificateEndpoint" 
     name="BasicHttpBinding_IService"> 
     <identity> 
     <dns value="SebastianServer"/> 
     </identity> 
    </endpoint> 
    </client> 
</system.serviceModel>

來源

2015-03-25 Sebastian Busek

+0

請參閱[「應該在其標題中包含」標籤?「](http://meta.stackexchange.com/questions/19190/should-questions-include-tags-in-their-titles),其中共識是「不,他們不應該」! – 2015-03-25 09:31:38

回答

0

這是可能的結合俗。

來源

2015-04-01 11:42:13

相關問題

 相關問題