
WCF 路由 + SSL

转载 作者:行者123 更新时间:2023-12-04 16:46:30 29 4

我需要创建一个“路由”服务。我正在尝试使用 .NET 的 System.ServiceModel.Routing.IRequestReplyRouter。我只能让它在 HTTP 模式下工作,在 HTTPS 下则不行,错误是“无法建立安全的 SSL/TLS 连接”……我还尝试了自定义证书验证器,但它没有被调用!(验证器实例被创建了,但 Validate 方法从未被调用。)

我在这里发布我的配置:

<?xml version="1.0"?>

    <!-- Binding definitions used by the router: a plain-HTTP and an HTTPS binding for the
         inbound endpoints, and the HTTPS binding referenced by the outbound client endpoint. -->
    <bindings>

<customBinding>
<!-- Security Off version-->
<!-- NOTE(review): httpTransport sends the SOAP envelope unencrypted, so any credentials
     carried in its headers are readable on this leg of the connection. -->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>

<!-- Security On -->
<!-- The security element below makes the router itself handle the UserNameOverTransport
     credentials; the follow-up on this page reports that the security header is then
     removed before the message is forwarded. -->
<binding name="customBindingSecure">

<textMessageEncoding messageVersion="Soap12WSAddressing10">
</textMessageEncoding>
<security authenticationMode="UserNameOverTransport" />
<httpsTransport />
</binding>

<!-- HTTPS binding with the message, buffer and buffer-pool limits all set to 1000000;
     it has no security element, so no message-level security is applied on this binding. -->
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000" maxBufferPoolSize="1000000" maxBufferSize="1000000" />
</binding>

</customBinding>


</bindings>

<!-- Hosts the built-in WCF RoutingService with two request/reply endpoints at the same
     relative address: one bound to customBindingSecure, one to customBindingNotSecure. -->
<services>
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<!-- Inbound endpoint using the binding named customBindingSecure. -->
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>

<!-- NOTE(review): this second endpoint uses customBindingNotSecure, so the same router is
     also reachable without transport encryption. Presumably kept for testing; confirm it
     is not exposed where callers send credentials. -->
<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>

</service>


</services>
<!-- Endpoint and service behaviors: certificate and user-name validation settings, metadata
     publishing, fault detail and the routing table selection for the router. -->
<behaviors>

<endpointBehaviors>
<!-- NOTE(review): no endpoint visible in this listing references CustomClientBehavior through
     a behaviorConfiguration attribute, so it does not appear to be applied to the outbound
     endpoint. -->
<behavior name="CustomClientBehavior">
<clientCredentials>
<serviceCertificate>
<defaultCertificate findValue="serverx509v1" storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectName"/>
<!-- NOTE(review): these authentication settings presumably govern certificates used for
     message-level security; the certificate check of an HTTPS handshake is done by System.Net,
     which would explain why the custom validator is instantiated but never invoked. Confirm.
     revocationMode="NoCheck" means a revoked certificate is not detected. -->
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>

<serviceBehaviors>
<behavior name="routingService">
<!-- Publishes service metadata over both HTTP GET and HTTPS GET. -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- NOTE(review): includeExceptionDetailInFaults="true" returns server-side exception
     details to callers in SOAP faults; it is a diagnostic setting and should be false
     outside debugging. -->
<serviceDebug includeExceptionDetailInFaults="true" />
<!-- Routes on message headers only, using the filter table named routingTable1. -->
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
<serviceCredentials>

<clientCertificate>

<!-- Client certificates go to the custom validator type; revocation is not checked. -->
<authentication customCertificateValidatorType="com.abodata.plat1.WCFProxy.PlatoneCertificateValidator, PlatoneWSRelay"
certificateValidationMode="Custom" revocationMode="NoCheck" />
</clientCertificate>
<!-- User name and password pairs are delegated to the custom UsernameValidator type. -->
<userNameAuthentication userNamePasswordValidationMode="Custom"
customUserNamePasswordValidatorType="com.abodata.plat1.WCFProxy.UsernameValidator, PlatoneWSRelay" />

</serviceCredentials>

</behavior>

<!-- A behavior with an empty name is the default for services that name no behavior, so
     metadata publishing and detailed faults are enabled for those services as well. -->
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>


</serviceBehaviors>
</behaviors>

<!-- Routing table: a single MatchAll filter sends every message the router receives to the
     client endpoint named PlatoneWSService; nothing is filtered by action or address. -->
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>

</routing>

<!-- Outbound (backend) endpoint that the routing table forwards to. contract="*" lets the
     router relay messages of any contract. -->
<client>
<!-- NOTE(review): the backend is addressed by IP literal while the expected identity is the
     name serverx509v1; a TLS name check compares the certificate with the host in the URL,
     so this mismatch is presumably what makes the HTTPS handshake fail. Confirm against the
     backend certificate. -->
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">

<identity>
<dns value="serverx509v1" />
</identity>
</endpoint>
</client>


<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<!-- IIS setting: run every managed module for all requests. -->
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>

编辑:我在配置中添加了以下内容后,成功建立了 TLS 连接:

<!-- NOTE(review): checkCertificateName="false" stops System.Net from checking that the server
     certificate's name matches the host being contacted, and the setting applies to the whole
     application, not only to the backend endpoint. The HTTPS connection is then encrypted but
     the peer is not verified by name, so any certificate that chains to a trusted root is
     accepted. The narrower fix is to address the backend by a name that appears in its
     certificate, or to issue a certificate that covers the address actually used.
     checkCertificateRevocationList="false" leaves revocation checking off. -->
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>

但是……现在 SOAP 信封的安全 header 出了问题。客户端把消息正确地发送到了我的路由器,但路由器删除了安全 header,所以我得到了一个异常……

最佳答案

好的...我也解决了第二个问题。

路由器的绑定不能指定 security 标签,否则路由器会自行处理信封。这是我能正常工作的配置:

    <?xml version="1.0"?>
<!-- Working router configuration from the answer: the inbound bindings carry no security
     element, so the router relays the SOAP security header instead of processing it.
     NOTE(review): as a consequence nothing in this listing makes the router authenticate
     callers; that is left entirely to the backend service. -->
<configuration>



<system.serviceModel>

<bindings>
<!-- Must use custom binding: silverlight only support basicHttpBinding that is not
SOAP 1.2. So.. I create a custom binding-->
<customBinding>
<!-- Security Off version-->
<!-- NOTE(review): plain HTTP transport; a user-name token relayed through this binding
     travels unencrypted between the caller and the router. -->
<binding name="customBindingNotSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10"/>
<httpTransport />
</binding>

<!-- Security On -->
<binding name="customBindingSecure">
<textMessageEncoding messageVersion="Soap12WSAddressing10">
<!-- NOTE(review): every reader quota is set to 2147483647, which removes the XML reader's
     limits on nesting depth, string length and array length; only the 2000000 transport
     limits below still bound a request. Size these to the largest legitimate message. -->
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647"
maxArrayLength="2147483647" maxBytesPerRead="2147483647"
maxNameTableCharCount="2147483647" />
</textMessageEncoding>
<httpsTransport maxBufferPoolSize="2000000" maxBufferSize="2000000" maxReceivedMessageSize="2000000" />
</binding>

<!-- NOTE(review): the backend binding allows messages and buffers of 1000000000 bytes; no
     transferMode is set, so a reply of that size would presumably be buffered in memory.
     Confirm the real maximum reply size and lower these values accordingly. -->
<binding name="platoneBinding">
<textMessageEncoding messageVersion="Soap12WSAddressing10" />
<httpsTransport maxReceivedMessageSize="1000000000" maxBufferPoolSize="1000000000" maxBufferSize="1000000000" />
</binding>

</customBinding>


</bindings>

<services>

<!-- The built-in RoutingService exposed on two endpoints: HTTPS (customBindingSecure) and
     plain HTTP (customBindingNotSecure). Both are served by the same routing table. -->
<service behaviorConfiguration="routingService" name="System.ServiceModel.Routing.RoutingService">
<endpoint address=""
binding="customBinding"
name="reqReplyEndpoint"
contract="System.ServiceModel.Routing.IRequestReplyRouter" bindingConfiguration="customBindingSecure"/>

<endpoint address=""
binding="customBinding"
name="reqReplyEndpointHttp"
contract="System.ServiceModel.Routing.IRequestReplyRouter"
bindingConfiguration="customBindingNotSecure"/>

</service>


</services>
<behaviors>

<serviceBehaviors>
<behavior name="routingService">
<!-- Metadata is published over HTTP GET and HTTPS GET. -->
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<!-- NOTE(review): detailed exception information is returned to callers in faults;
     set includeExceptionDetailInFaults to false outside debugging. -->
<serviceDebug includeExceptionDetailInFaults="true" />
<routing routeOnHeadersOnly="true" filterTableName="routingTable1" />
</behavior>

<!-- Default behavior (empty name) with the same metadata and fault-detail settings. -->
<behavior name="">
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>

<!-- One MatchAll filter: every received message is forwarded to PlatoneWSService. -->
<routing>
<filters>
<filter name="MatchAllFilter1" filterType="MatchAll" />
</filters>
<filterTables>
<filterTable name="routingTable1">
<add filterName="MatchAllFilter1" endpointName="PlatoneWSService" />
</filterTable>
</filterTables>

</routing>

<client>
<!-- https://10.0.2.243:9006/Persistence -->
<!-- Backend endpoint, addressed by IP literal and with no identity element. -->
<endpoint address="https://10.0.2.243:9006/Persistence"
binding="customBinding" bindingConfiguration="platoneBinding"
contract="*" name="PlatoneWSService">

</endpoint>
</client>


<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>


<!-- NOTE(review): checkCertificateName="false" disables the match between the server
     certificate's name and the host being contacted for the whole application, so the
     router no longer verifies by name that it is talking to the intended backend. Prefer
     addressing the backend by a name present in its certificate, or a certificate that
     covers the address used above. Revocation checking is also left off. -->
<system.net>
<settings>
<servicePointManager checkCertificateName="false" checkCertificateRevocationList="false"/>
</settings>
</system.net>
</configuration>

缓冲区和消息的大小需要通过“测试”来确定(也就是说……我只是选了一个很大的数字让它能工作……)

关于WCF 路由 + SSL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9685375/
