如何将 WCF 配置为接受 SSL 和非 SSL

【问题标题】:How can I configure WCF to accept SSL and non-SSL如何将 WCF 配置为接受 SSL 和非 SSL
【发布时间】:2011-04-04 11:31:41
【问题描述】:

我需要一些帮助来配置 WCF 以支持多种环境。一种环境允许通过标准 HTTP 进行匿名身份验证,而另一种环境使用基于 SSL 的 Windows 身份验证。

我可以将 WCF 配置为支持其中一种环境,但不能在同一个 web.config 文件中同时支持这两种环境。

这是允许通过 http 匿名的:

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DL" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="Service1" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>          
</services>

以下是通过 SSL 进行 Windows 身份验证的方法:

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DL" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="DynamicLoaderAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="Service1" behaviorConfiguration="MexBehavior">
        <endpoint address="" behaviorConfiguration="ValidValuesServiceAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>          
</services>     
<bindings>
    <webHttpBinding>
        <binding name="webWinBinding">
            <security mode="Transport">
                <transport clientCredentialType="Windows" />
            </security>
        </binding>
    </webHttpBinding>           
</bindings>

当我将端点从 SSL 配置添加到非 SSL 配置时,匿名服务中断。

这是一个不起作用但尝试将两个设置放在一起的配置文件:

<behaviors>
    <serviceBehaviors>
        <behavior name="MexBehavior" >
            <serviceMetadata httpGetEnabled="true" />
        </behavior>
    </serviceBehaviors>
    <endpointBehaviors>
        <behavior name="DLAspNetAjaxBehavior">
            <enableWebScript/>
        </behavior>
        <behavior name="Service1AspNetAjaxBehavior">
            <webHttp/>
        </behavior>
    </endpointBehaviors>
</behaviors>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<services>
    <service name="DynamicLoader" behaviorConfiguration="MexBehavior">
        <endpoint name="basic" address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webAnonymousBinding" contract="DLService"/>
        <endpoint name="secure" address="" behaviorConfiguration="DLAspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="DLService"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
    <service name="ValidValuesService" behaviorConfiguration="MexBehavior">
        <endpoint name="basic" address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webAnonymousBinding" contract="Service1"/>
        <endpoint name="secure" address="" behaviorConfiguration="Service1AspNetAjaxBehavior" binding="webHttpBinding" bindingConfiguration="webWinBinding" contract="Service1"/>
        <endpoint name="MEXEndpoint" contract="IMetadataExchange" binding="mexHttpBinding" address="mex" />
    </service>
</services>
<bindings>
    <webHttpBinding>
        <binding name="webWinBinding">
            <security mode="Transport">
                <transport clientCredentialType="Windows" />
            </security>
        </binding>
        <binding name="webAnonymousBinding">
            <security mode="None">
            </security>
        </binding>
    </webHttpBinding>
</bindings>

有什么方法可以将端点组合成一个 web.config 以支持这两种环境?

【问题讨论】:

  • 您是否必须同时支持两种环境,还是一种环境是 DEV(非 SSL)而另一种是 QA 或 PROD (SSL)?
  • 并发。同一个应用程序有一个内部和外部接口,一个使用带有 Windows 身份验证的 SSL,另一个是使用表单身份验证的匿名非 SSL。

标签: wcf configuration ssl


【解决方案1】:

这个之前的 SO 问题/答案有帮助吗?

calling a web service using WCF over Http and Https

(见第一个答案。)

【讨论】:

  • 不,它对我不起作用。我将编辑问题以显示不起作用的组合配置文件。谢谢!
猜你喜欢
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2012-05-25
  • 1970-01-01
  • 1970-01-01
相关资源
最近更新 更多
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode