具有消息安全性的WCF / basicHttp可与Java客户端互操作吗?
[英]WCF/basicHttp with message security interoperable with Java client?
问题描述
The basicHttp binding works great for Java client with no problem, if I turn on the message security, would it causing trouble for Java client? 
basicHttp绑定对Java客户端来说毫无问题,如果我打开消息安全性,是否会对Java客户端造成麻烦?
Since basicHttp is SOAP1.1, if message security is turned on, will it use WS-Security to support certificate based authentication? 由于basicHttp是SOAP1.1,因此如果打开了消息安全性,它将使用WS-Security支持基于证书的身份验证吗?
1 个解决方案
解决方案1
1 已采纳 2014-04-28 04:14:31
It would be preferable to use Custom binding if you want to use certificate based authentication while using SOAP 1.1(Also considering interoperability like Java based clients or oracle services). 如果要在使用SOAP 1.1时使用基于证书的身份验证,则最好使用自定义绑定 (还要考虑基于Java的客户端或oracle服务的互操作性)。 AuthenticationMode would change based on your needs. AuthenticationMode会根据您的需要进行更改。
For example, the below binding shows Mutual certificate authentication on both server and client side + transport security(https). 例如,以下绑定显示了服务器和客户端上的相互证书身份验证+传输安全性(https)。
<customBinding>
<binding name="customSSLMutualCertificate" sendTimeout="00:05:00" receiveTimeout="00:05:00">
<customTextMessageEncoding messageVersion="Soap11"/>
<security defaultAlgorithmSuite="Basic256Rsa15" authenticationMode="MutualCertificate"
requireDerivedKeys="false" securityHeaderLayout="Lax" includeTimestamp="false"
keyEntropyMode="CombinedEntropy" messageProtectionOrder="SignBeforeEncrypt"
messageSecurityVersion="WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"
requireSignatureConfirmation="false" enableUnsecuredResponse="true">
<localClientSettings cacheCookies="true" detectReplays="false"
replayCacheSize="900000" maxClockSkew="00:05:00"
maxCookieCachingTime="Infinite"
replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
<localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
negotiationTimeout="00:01:00" replayWindow="00:05:00"
inactivityTimeout="00:02:00"
sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
reconnectTransportOnFailure="true" maxPendingSessions="128"
maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
<secureConversationBootstrap />
</security>
<httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
maxReceivedMessageSize="65536" allowCookies="false"
authenticationScheme="Anonymous"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
keepAliveEnabled="true" maxBufferSize="65536"
proxyAuthenticationScheme="Anonymous"
realm="" transferMode="Buffered"
unsafeConnectionNtlmAuthentication="false"
useDefaultWebProxy="true" requireClientCertificate="false"/>
</binding>
</customBinding>
Also refer Does WCF support WS-Security with SOAP 1.1? 另请参阅WCF是否通过SOAP 1.1支持WS-Security? for other options 其他选择
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.