Transport Security Mode of WCF basicHttpBinding, clientCredentialType = & quot; None & quot;, basichttpbinding

Transport Security Mode of WCF basicHttpBinding, clientCredentialType = "None", basichttpbinding

Address: http://www.cnblogs.com/jfzhu/p/4071342.html

Reprinted please indicate the source

 

The previous article introduced how to use the Message Security Mode of basicHttpBinding in the Message Security Mode of WCF basicHttpBinding, And the clientCredentialType uses certificate.

This document demonstrates that basicHttpbinding uses the Transport Security Mode and clientCredentialType = "None ".

 

 

(1) WCF Service Code and configuration file

IDemoService. cs

using System.ServiceModel;namespace WCFDemo {        [ServiceContract(Name = "IDemoService")]     public interface IDemoService     {         [OperationContract]         [FaultContract(typeof(DivideByZeroFault))]         int Divide(int numerator, int denominator);     } }

 

DemoService. cs

using System; using System.ServiceModel; using System.ServiceModel.Activation;namespace WCFDemo {     [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]     public class DemoService : IDemoService     {         public int Divide(int numerator, int denominator)         {             try             {                 return numerator / denominator;             }             catch (DivideByZeroException ex)             {                 DivideByZeroFault fault = new DivideByZeroFault();                 fault.Error = ex.Message;                 fault.Detail = "Denominator cannot be ZERO!";                 throw new FaultException<DivideByZeroFault>(fault);             }                   }     } }

 

For the complete code, see Create and throw a strong SOAP Fault for the WCF Service.

 

Server web. config

<?xml version="1.0"?> <configuration>     <system.web>       <compilation debug="true" targetFramework="4.0" />     </system.web>     <system.serviceModel>       <bindings>         <basicHttpBinding>           <binding name="basicBinding">             <security mode="Transport">               <transport clientCredentialType="None" />             </security>           </binding>         </basicHttpBinding>       </bindings>       <services>         <service name="WCFDemo.DemoService" behaviorConfiguration="CustomBehavior">           <endpoint address="DemoService" binding="basicHttpBinding" contract="WCFDemo.IDemoService" bindingConfiguration="basicBinding" />                    <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint>         </service>       </services>         <behaviors>             <serviceBehaviors>                 <behavior name="CustomBehavior">                     <serviceMetadata httpsGetEnabled="true" />                     <serviceDebug includeExceptionDetailInFaults="false" />                                    </behavior>             </serviceBehaviors>         </behaviors>         <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />     </system.serviceModel> </configuration> 

 

(2) Add an https binding for the WCF Service application.

For more information, see Step by Step configuration for ASP. NET Web applications using HTTPS.

Private void buttonCalculate_Click (object sender, EventArgs e) {try {textBoxResult. text = demoServiceClient. divide (Convert. toInt32 (textBoxNumerator. text), Convert. toInt32 (textBoxDenominator. text )). toString ();} catch (FaultException <DemoServiceReference. divideByZeroFault> fault) {MessageBox. show (fault. detail. error + "-" + fault. detail. detail );}}

 

Client app. config

<?xml version="1.0" encoding="utf-8" ?> <configuration>     <system.serviceModel>         <bindings>             <basicHttpBinding>                 <binding name="BasicHttpBinding_IDemoService">                     <security mode="Transport" />                 </binding>             </basicHttpBinding>         </bindings>         <client>             <endpoint address="https://win-ounm08eqe64.henry.huang/DemoService.svc/DemoService"                 binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDemoService"                 contract="DemoServiceReference.IDemoService" name="BasicHttpBinding_IDemoService" />         </client>     </system.serviceModel> </configuration>

 

 

(5) run the code and listen to the Message

 

Use Fiddler to encrypt all messages

 

However, if you use Microsoft Service Trace Viewer to view the Message Log (see using the Trace and Message Log functions of WCF), you can see the decrypted information because it is not listened on wire, while Fiddler listens on wire.

Request:

 

Response:

 

(6) Summary

Transport Security Mode is transmission protocol-level encryption, while Message Security Mode is Message-level encryption. Each protocol has its own transmission protocol-level encryption method. For example, the HTTP encryption method is SSL.

How: use SSL to configure the WCF Service that hosts IIS

For HTTP Transmission security, you must use IIS to register an SSL certificate. If you do not have an SSL certificate, you can use IIS to generate a test certificate. Next, you must add the SSL binding to the web site and configure the web site's Identity Authentication attributes. Finally, you need to configure the WCF Service to Use HTTPS. Create a self-signed certificate, open Internet Information Service Manager (inetmgr.exe), and select your computer name in the Tree View on the left. On the right side of the screen, select server certificate. In the server certificate window, click Create self-signed certificate .... Link. Enter a friendly name for the Self-signed certificate and click OK. Now, the details of the newly created self-signed certificate are displayed in the server certificate window. Install the generated certificate in the Trusted Root Certificate Authority storage area. Add SSL bindings to the Internet Information Service Manager, expand the website folder, and expand the default website/website folder in the Tree View on the left of the screen. Click Bindings... The action section in the link in the upper-right corner of the window. Click "add" in the site binding window.> <Configuration> <system. web> <compilation debug = "true" targetFramework = "4.0"/> </system. web> <system. serviceModel> <services> <service name = "MySecureWCFService. service1 "> <endpoint address =" "binding =" basicHttpBinding "bindingConfiguration =" secureHttpBinding "contract =" MySecureWCFService. IService1 "/> <endpoint address =" mex "binding =" mexHttpsBinding "contract =" IMetadataExchange "/> </service> </se Rvices> <bindings> <basicHttpBinding> <binding name = "secureHttpBinding"> <security mode = "Transport"> <transport clientCredentialType = "None"/> </security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior> <! -- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above befor... the remaining full text>

For a WCF problem, the client cannot call the server.

Server Configuration <security mode = "None"> means that the binding Based on wshttp will not exchange tokens.

Since it is none, it is better to use basicHttpbinding.