WCF, SSL, username, username and password verification, and https

Source: Internet
Author: User
Tags ssl certificate wsdl

Recently, I used WCF to develop a project. I won't write more about it here. There are many good articles in the basic knowledge garden!

Http://www.cnblogs.com/jillzhang/archive/2008/04/19/1161423.html

Http://www.cnblogs.com/yjmyzz/archive/2008/08/22/1272836.html

 

Well, let's just talk about the issues that I encountered during development. These two problems have been solved for several days. This article describes the security of my project.

My project uses IIS as the host and securely transmits HTTPS + username verification.

The above two articles are very detailed about these basic knowledge, and I would like to thank the author of these two articles for sharing them.

I. I encountered a problem in using HTTPS in IIS, that is, the problem of reference to WCF.

The IIS certificate configuration is complete on the server.

Test the service, https://timp.dev.net/wcfservice/service.svc in the server, ie, but in, the web page does show,

You have created a service.

To test the service, you need to create a client and use it to call the service. You can use the following syntax to perform this operation from the command line:

Svcutil.exe https: // lanmang-avrx6mx/wcfservice/service. SVC? WSDL

The generated configuration file is as follows:

-<WSDL: Service name =" Memberservice">-<WSDL: Port name =" Wshttpbinding_imemberservice"Binding =" TNS: wshttpbinding_imemberservice"> <Soap12: address location =" https: // lanmang-avrx6mx/wcfservice/service. SVC/>-<wsa10: endpointreference> <wsa10: Address> https: // lanmang-avrx6mx/wcfservice/service. SVC </wsa10: Address> </wsa10: endpointreference> </WSDL: Port> </WSDL: Service> the Local Certificate Service is displayed. At this time, when I reference the https://timp.dev.net/wcfservice/service.svcservice on the client, an error is reported, and the reference is unavailable. Lanmang-avrx6mx server computer name. Solution. After searching for a long time, I found the answer on a foreign website, that is, I had to register a certificate domain name in IIS. I'm not good at English, not very good at translation, you can see it: http://www.jstawski.com/archive/2008/05/01/wcf-wsdl-location-address-with-https.aspx

 

Use the adsutil. vbs function to register a domain name in DOS: The command is as follows:

% SystemRoot % \ system32 \ cscript.exe // nologo % systemdrive % Inetpub \ adminscripts \ adsutil. vbs set/w3svc/<website ID>/securebindings ": 443: <Host Header>"

Parameter description:

% SystemRoot % \ system32 \ cscript.exe // nologo: a command tool.

% Systemdrive % Inetpub \ adminscripts \ adsutil. vbs: path of the adsutil. vbs function.

<Website ID>: identifies a website in IIS.

<Host Header>: The domain name bound to the SSL certificate.

 

Ii. SSL + Username

The above solves the SSL problem. Next I will talk about my second problem. I Want To Use https and verify the user name and password at the same time. I will not write any articles in the validation process garden. I will write the following configuration code in the configuration file:

<Bindings>
<Wshttpbinding>
<Binding name = "memberservicebinding">
<Security mode = "transportwithmessagecredential">
<Message clientcredentialtype = "username"/>
</Security>
</Binding>
</Wshttpbinding>
</Bindings>

This is the case. Please refer to the article,

Http://msdn.microsoft.com/zh-cn/vstudio/ms789011.aspx

Http://www.theserverside.net/tt/articles/showarticle.tss? Id = securingwcfservice

Now let's write it here. I hope it will be helpful to anyone who has encountered the above problems !!!!

 

 

 

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.