原創地址:http://www.cnblogs.com/jfzhu/p/4071342.html
轉載請注明出處
前面文章介紹了《WCF basicHttpBinding之Message Security Mode》如何basicHttpBinding的Message Security Mode,並且clientCredentialType用的是certificate。
本文演示basicHttpbinding使用Transport Security Mode,並且clientCredentialType="None"。
(一)WCF 服務代碼與配置文件
IDemoService.cs
using System.ServiceModel; namespace WCFDemo { [ServiceContract(Name = "IDemoService")] public interface IDemoService { [OperationContract] [FaultContract(typeof(DivideByZeroFault))] int Divide(int numerator, int denominator); } }
DemoService.cs
using System; using System.ServiceModel; using System.ServiceModel.Activation; namespace WCFDemo { [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] public class DemoService : IDemoService { public int Divide(int numerator, int denominator) { try { return numerator / denominator; } catch (DivideByZeroException ex) { DivideByZeroFault fault = new DivideByZeroFault(); fault.Error = ex.Message; fault.Detail = "Denominator cannot be ZERO!"; throw new FaultException<DivideByZeroFault>(fault); } } } }
完整的代碼也可以參見《WCF服務創建與拋出強類型SOAP Fault》。
server web.config
<?xml version="1.0"?> <configuration> <system.web> <compilation debug="true" targetFramework="4.0" /> </system.web> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="basicBinding"> <security mode="Transport"> <transport clientCredentialType="None" /> </security> </binding> </basicHttpBinding> </bindings> <services> <service name="WCFDemo.DemoService" behaviorConfiguration="CustomBehavior"> <endpoint address="DemoService" binding="basicHttpBinding" contract="WCFDemo.IDemoService" bindingConfiguration="basicBinding" /> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"></endpoint> </service> </services> <behaviors> <serviceBehaviors> <behavior name="CustomBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment multipleSiteBindingsEnabled="true" /> </system.serviceModel> </configuration>
(二)為WCF Service application添加一個https binding。
具體作法參見《Step by Step 配置使用HTTPS的ASP.NET Web應用》。
配置完https binding之后,雙擊SSL Settings
勾選Require SSL,點擊Apply。
Http的Binding還是不可缺少,否則會出現下面的錯誤
(三)在客戶端安裝SSL根證書
由於https證書使用的是
所以我們使用的WCF Service URL為 https://win-ounm08eqe64.henry.huang/DemoService.svc
在客戶端,為C:\Windows\System32\Drivers\etc\host 添加一條記錄
然后安裝根證書
雙擊根證書文件,彈出證書屬性的對話框,此時該根證書並不受信任,我們需要將其加入“受信任的根證書頒發機構”,點擊安裝證書
(四)客戶端代碼與配置文件
在客戶端Visual Studio添加Service Reference
private void buttonCalculate_Click(object sender, EventArgs e) { try { textBoxResult.Text = demoServiceClient.Divide(Convert.ToInt32(textBoxNumerator.Text), Convert.ToInt32(textBoxDenominator.Text)).ToString(); } catch (FaultException<DemoServiceReference.DivideByZeroFault> fault) { MessageBox.Show(fault.Detail.Error + " - " + fault.Detail.Detail); } }
client app.config
<?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_IDemoService"> <security mode="Transport" /> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://win-ounm08eqe64.henry.huang/DemoService.svc/DemoService" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IDemoService" contract="DemoServiceReference.IDemoService" name="BasicHttpBinding_IDemoService" /> </client> </system.serviceModel> </configuration>
(五)運行代碼,監聽Message
使用Fiddler,發現消息全部加密
但是如果用Microsoft Service Trace Viewer查看Message Log(參見《使用WCF的Trace與Message Log功能 》),可以看到解密后的信息,因為它不是在wire上監聽,而Fiddler是在wire上進行監聽。
Request:
Response:
(六)總結
Transport Security Mode是傳輸協議級的加密,而Message Security Mode是對消息級別的加密。每種協議都有自己對應的傳輸協議級的加密方式,比如HTTP的加密方式就為SSL。
