堆栈内存溢出
  简体   繁体   English

以下配置在WCF的上下文中意味着什么?

[英]What does the following configuration mean in the context of WCF?

 原文  2014-02-26 15:39:10       c#/ wcf

问题描述

I added a WCF as a service reference to my client app from VS2013 and it generated the following config section in the app.config file. 我从VS2013添加了一个WCF作为我的客户端应用程序的服务引用,它在app.config文件中生成了以下配置部分。 

                <security mode="Message">
                    <transport clientCredentialType="None" />
                    <message clientCredentialType="None" />
                </security>

What does this mean? 这是什么意思? The security mode is message but there are separate entities inside that for transport and message. 安全模式是消息,但内部有单独的实体用于传输和消息。 I am confused. 我很困惑。

1 个解决方案

解决方案1
 3 已采纳  2014-02-26 15:43:26

You have two primary choices for providing transfer security: either you provide the transfer security on the transport level, or on the message level. 提供传输安全性有两个主要选择:要么在传输级别提供传输安全性,要么在消息级别提供传输安全性。

There is a nice article on MSDN discussing this here . MSDN上有一篇很好的文章在这里讨论。

Transport Security: 运输安全:

When using transport security, the user credentials and claims are passed by using the transport layer. 使用传输安全性时,将使用传输层传递用户凭据和声明。 In other words, user credentials are transport-dependent, which allows fewer authentication options compared to message security. 换句话说,用户凭据是依赖于传输的,与消息安全性相比,它允许更少的身份验证选项。

Message Security: 消息安全:

When using message security, the user credentials and claims are encapsulated in every message using the WS-Security specification to secure messages. 使用消息安全性时,使用WS-Security规范将用户凭据和声明封装在每封消息中以保护消息。 This option gives the most flexibility from an authentication perspective. 此选项从身份验证角度提供最大的灵活性。 You can use any type of security credentials you want, largely independent of transport, as long as both the client and service agree. 只要客户端和服务都同意,您就可以使用任何类型的安全凭证,这些凭证在很大程度上独立于传输。

Update per comment 每条评论更新

What it means in the context of the configuration file that you provided: 在您提供的配置文件的上下文中它意味着什么:

After setting a security mode (in this case message ), you have the option of setting the client credential type. 设置security mode (在本例中为message )后,您可以选择设置客户端凭据类型。 The client credential type property specifies what type of credential the client must provide to the service for authentication. 客户端凭据类型属性指定客户端必须为服务提供哪种类型的凭据以进行身份​​验证。 In this case, if either transport or message are specified as the security mode then they will use None as the client credential type which means that the client does not have to present any credential. 在这种情况下,如果将transportmessage指定为security mode则它们将使用None作为客户端凭据类型,这意味着客户端不必提供任何凭据。

Currently, the following line is essentially being ignored as message is the specified security mode . 目前,以下行基本上被忽略,因为message是指定的security mode 

<transport clientCredentialType="None" />

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 WCF这是什么意思? - WCF and What does this mean? 什么了! 意味着在这种背景下? - What does the ! mean in this context? 为什么具有以下配置的WCF服务不起作用? - Why does the WCF service with the following configuration not work? new()在此上下文中的含义是什么 - What does new() mean in this context double.MaxValue和double.MinValue在以下上下文中的含义是什么? - What does double.MaxValue and double.MinValue mean in the following context? 以下歧义错误是什么意思? - What does the following ambiguity errors mean? 1.e0在以下代码中是什么意思 - What does 1.e0 mean in the following code C# 中的以下语法是什么意思 - what does the following syntax mean in C# 以下是该类型各部分的含义 - what does the following mean in each part of the type 以下列方式引用装配是什么意思 - what does it mean to refer to assembly in following manner
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM