[Original] http://www.rainsts.net/article.asp? Id = 473
1. Security Methods
This is achieved by setting the binding property security.
Nettcpbinding binding = new nettcpbinding ();
Binding. Security. mode = securitymode. Transport;
Binding. Security. Transport. protectionlevel = system. net. Security. protectionlevel. encryptandsign;
2. Message Protection
Through the protectionlevel parameters of servicecontractattribute and operationcontractattribute, we can set different message protection levels.
[Servicecontract (protectionlevel = protectionlevel. encryptandsign)]
Interface imycontract
{
...
}
3. Authentication
Different deployment environments have different options. In the Intranet environment, we may choose the Windows integrated verification method. In the Internet environment, the common solution is to adopt the X.509 digital certificate. Of course, the most common one is the user name/password.
Taking windows integration verification as an example, the client can send the matching authentication information to the server through the clientbase. clientcredentials attribute. By default, the client uses the current Windows Logon account as the authentication information. You can also explicitly set different identity information.
Proxy method:
Networkcredential credentials = new networkcredential ();
Credentials. Domain = "mydomain ";
Credentials. Username = "myusername ";
Credentials. Password = "mypassword ";
Using (mycontractclient client = new mycontractclient ())
{
Client. clientcredentials. Windows. clientcredential = credentials;
Client. mymethod ();
}
Factory method:
Channelfactory <imycontract> factory = new channelfactory <imycontract> ("");
Factory. Credentials. Windows. clientcredential = new networkcredential (...);
Imycontract client = factory. createchannel ();
Using (client as idisposable)
{
Client. mymethod ();
}
In the service, we can use servicesecuritycontext. Current (or operationcontext. Current. servicesecuritycontext) to obtain relevant identity information.
Console. writeline (servicesecuritycontext. Current. windowsidentity. authenticationtype );
Console. writeline (servicesecuritycontext. Current. windowsidentity. Name );
The following sections detail several common verification development methods.