Recently, I used WCF to develop a project. I won't write more about it here. There are many good articles in the basic knowledge garden!
Http://www.cnblogs.com/jillzhang/archive/2008/04/19/1161423.html
Http://www.cnblogs.com/yjmyzz/archive/2008/08/22/1272836.html
Well, let's just talk about the issues that I encountered during development. These two problems have been solved for several days. This article describes the security of my project.
My project uses IIS as the host and securely transmits HTTPS + username verification.
The above two articles are very detailed about these basic knowledge, and I would like to thank the author of these two articles for sharing them.
I. I encountered a problem in using HTTPS in IIS, that is, the problem of reference to WCF.
The IIS certificate configuration is complete on the server.
Test the service, https://timp.dev.net/wcfservice/service.svc in the server, ie, but in, the web page does show,
You have created a service.
To test the service, you need to create a client and use it to call the service. You can use the following syntax to perform this operation from the command line:
Svcutil.exe https: // lanmang-avrx6mx/wcfservice/service. SVC? WSDL
The generated configuration file is as follows:
-<WSDL: Service name ="
Memberservice">-<WSDL: Port name ="
Wshttpbinding_imemberservice"Binding ="
TNS: wshttpbinding_imemberservice"> <Soap12: address location =" https: // lanmang-avrx6mx/wcfservice/service. SVC/>-<wsa10: endpointreference> <wsa10: Address> https: // lanmang-avrx6mx/wcfservice/service. SVC </wsa10: Address> </wsa10: endpointreference> </WSDL: Port> </WSDL: Service> the Local Certificate Service is displayed. At this time, when I reference the https://timp.dev.net/wcfservice/service.svcservice on the client, an error is reported, and the reference is unavailable. Lanmang-avrx6mx server computer name. Solution. After searching for a long time, I found the answer on a foreign website, that is, I had to register a certificate domain name in IIS. I'm not good at English, not very good at translation, you can see it: http://www.jstawski.com/archive/2008/05/01/wcf-wsdl-location-address-with-https.aspx
Use the adsutil. vbs function to register a domain name in DOS: The command is as follows:
% SystemRoot % \ system32 \ cscript.exe // nologo % systemdrive % Inetpub \ adminscripts \ adsutil. vbs set/w3svc/<website ID>/securebindings ": 443: <Host Header>"
Parameter description:
% SystemRoot % \ system32 \ cscript.exe // nologo: a command tool.
% Systemdrive % Inetpub \ adminscripts \ adsutil. vbs: path of the adsutil. vbs function.
<Website ID>: identifies a website in IIS.
<Host Header>: The domain name bound to the SSL certificate.
Ii. SSL + Username
The above solves the SSL problem. Next I will talk about my second problem. I Want To Use https and verify the user name and password at the same time. I will not write any articles in the validation process garden. I will write the following configuration code in the configuration file:
<Bindings>
<Wshttpbinding>
<Binding name = "memberservicebinding">
<Security mode = "transportwithmessagecredential">
<Message clientcredentialtype = "username"/>
</Security>
</Binding>
</Wshttpbinding>
</Bindings>
This is the case. Please refer to the article,
Http://msdn.microsoft.com/zh-cn/vstudio/ms789011.aspx
Http://www.theserverside.net/tt/articles/showarticle.tss? Id = securingwcfservice
Now let's write it here. I hope it will be helpful to anyone who has encountered the above problems !!!!