使用ASP.NET成员资格提供程序的WCF身份验证
[英]WCF authentication using ASP.NET Membership Provider
问题描述
It's been a week already and I'm still not fully comfortable with implementing ASP.NET Membership Provider with WCF. 
已经有一个星期了,我对使用WCF实现ASP.NET Membership Provider仍然不满意。 I'm wondering: 我很好奇:
We already have a website which is running under HTTPS protocol.
我们已经有一个在HTTPS协议下运行的网站。 We are working on a new application which will have a WCF service and is going to replace our old application (with HTTPS). 我们正在开发一个具有WCF服务的新应用程序,并将替换旧应用程序(使用HTTPS)。 Now my question is, since we already have a secured website, do I have to get another certificate just for the WCF service? 现在我的问题是,由于我们已经有一个安全的网站,我是否必须仅为WCF服务获得另一个证书? If yes, then do I have to get certificates for clients as well?
如果是,那么我还必须获得客户的证书吗? (As I was looking on the web, most of the answers I found were "yes".) (当我在网上浏览时,发现的大多数答案是“是”。) If no, can I use the existing certificate to authenticate my service?
如果没有,我可以使用现有证书来认证我的服务吗?
2 个解决方案
解决方案1
1 2014-07-28 01:10:24
To answer your 2nd question, you only need client certificates if you want your WCF service to support mutual (2-way) SSL authentication, in which both the server and client sides are authenticated by their respective certificates. 要回答第二个问题,仅当您希望WCF服务支持双向(双向)SSL身份验证时才需要客户端证书,在该双向身份验证中,服务器端和客户端均通过各自的证书进行身份验证。
Refer to this question for further information on mutual ssl and wcf. 有关相互ssl和wcf的更多信息,请参考此问题。
how to implement 2-way SSL certificate for WCF 如何为WCF实现2路SSL证书
解决方案2
0 已采纳 2014-07-28 00:54:03
You have to have 1 SSL Certificate per domain unless you purchase a wildcard certificate. 除非您购买通配符证书,否则每个域必须具有1个SSL证书。 So, if your current SSL Certificate is for subdomain.mydomain.com and you want to host the WCF service at anothersubdomain.mydomain.com (or even www.anotherdomain.com), then you'll need another certificate. 因此,如果您当前的SSL证书用于subdomain.mydomain.com,并且您希望将WCF服务托管在anothersubdomain.mydomain.com(甚至www.anotherdomain.com)上,那么您将需要另一个证书。 If this is something that would happen fairly frequently, then I'd suggest you purchase a *.mydomain.com SSL certificate. 如果这种情况经常发生,那么建议您购买* .mydomain.com SSL证书。
Another option would be to host the WCF service under the current subdomain with a URL like subdomain.mydomain.com\\myservice\\service.svc. 另一种选择是使用诸如subdomain.mydomain.com \\ myservice \\ service.svc之类的URL将WCF服务托管在当前子域下。
I can't answer your second question but I doubt you are using client side certificates. 我无法回答您的第二个问题,但我怀疑您正在使用客户端证书。
Here's a link to a Beginner's guide on SSL Certificates . 这是指向SSL证书的初学者指南的链接。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.