保护NamedPipes WCF服务的最简单方法是什么?
[英]Simplest way to secure a NamedPipes WCF service?
问题描述
I'm using a WCF NamedPipesService to do IPC between two processes. 
我正在使用WCF NamedPipesService在两个进程之间执行IPC。 Whats the simplest way to secure the WCF services so only my processes can access them? 什么是保护WCF服务的最简单方法,只有我的进程可以访问它们?
I tried looking through the WCF documentation, but it all looks pretty complex, and seems to primarily focus on authenticating users rather than client processes. 我尝试查看WCF文档,但它看起来都非常复杂,似乎主要关注用户身份验证而不是客户端进程。
1 个解决方案
解决方案1
2 2013-06-14 12:43:37
Can't think of anything out of the box for named pipe binding. 无法想到任何开箱即用的命名管道绑定。 However there is always a workaround. 但总有一种解决方法。
Custom headers 自定义标题
You can easily implement IClientMessageInspector interface to send some custom authentication info (process key word or login and password for example) with each service call. 您可以轻松实现IClientMessageInspector接口,以便在每次服务调用时发送一些自定义身份验证信息(例如,处理关键字或登录名和密码)。 Then implement IDispatchMessageInspector to validate the headers on the service side. 然后实现IDispatchMessageInspector以验证服务端的标头。 here you can find more about message inspectors in WCF . 在这里,您可以在WCF中找到有关消息检查器的更多信息 。
Windows authentication Windows身份验证
Just use a windos account no one can use except for your application and configure windows authentication like that 只需使用一个没有人可以使用的windos帐户,除了您的应用程序并配置像这样的Windows身份验证
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
Personally I like the option with custom headers more but do you really need to authenticate you process at all? 就个人而言,我更喜欢自定义标题的选项,但您真的需要对您的过程进行身份验证吗? No one can access your service from public. 没有人可以从公共场所访问您的服务。 Do you think there is somebody within your organization who can attack your service? 您认为组织中是否有人可以攻击您的服务? I mean maybe it's not really the right binding in your case. 我的意思是,在你的情况下,它可能不是真正的正确绑定。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.