[英]What is the most secure way to connect to a WCF Service from monodroid?
I have a WCF Service which I need to call from a monodroid app. 我有一个WCF服务,需要从Monodroid应用程序中调用。 I want to prevent users from using a tool like fiddler to read the data.
我想防止用户使用诸如提琴手之类的工具来读取数据。 I tried using TLS with server- and clientcertificates but it seems that monodroid doesn't support clientcertificates.
我尝试将TLS与服务器证书和客户端证书一起使用,但是monodroid似乎不支持客户端证书。 Is there another option I could try to secure the service?
我可以尝试保护服务的另一种选择吗?
Edit: To clarify the question: I'm looking for a possibility to encrypt the communication between the app and the service to prevent man in the middle attacks like using fiddler or another proxy. 编辑:澄清问题:我正在寻找一种加密应用程序和服务之间通信的可能性,以防止中间人攻击,例如使用提琴手或其他代理。 The best thing I found so far is using a basicHttpBinding with transport security and a server certificate but this doesn't work against man in the middle attacks.
到目前为止,我发现最好的方法是使用具有传输安全性和服务器证书的basicHttpBinding,但这对中间攻击的人无效。
You can secure the WCF service with username and password, the below url's provides how to create wcf service with username and password feature 您可以使用用户名和密码保护WCF服务,以下网址提供了如何使用用户名和密码功能创建wcf服务的信息
http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti
http://www.felinesoft.com/blog/index.php/2014/02/securing-a-wcf-service-with-username-and-password-using-message-security-and-the-channel-factory-pattern/ http://www.felinesoft.com/blog/index.php/2014/02/securing-a-wcf-service-with-username-and-password-using-message-security-and-the-channel-factory-图案/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.